Malware doble tilde (llevo dias y no consigo quitarlo) ayuda

Muy buenas, Tengo desde hace unas semanas el malware de la doble tilde en un portatil con windows 10. He probado, varios limpiadores (ccleaner, malwarebytes… y nada).

¿alquien me podria ayudar a eliminarlo? Muchas gracias.

Buenas, He pasado el Farbar Recovery Scan Tool como se indica en otro post de por aqui (sin conexion a internet). Pongo los reportes frst.txt y addition.txt por aqui para ver si me podeis ayudar. FRST (parte 1)

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 06-08-2023
Ejecutado por David (administrador) sobre WINDELL-14BP45B (Dell Inc. Inspiron 5567) (08-08-2023 09:12:59)
Ejecutado desde C:\Users\David\Desktop\FRST64 (1).exe
Perfiles cargados: David
Plataforma: Microsoft Windows 10 Home Versión 22H2 19045.3271 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\AWiCMgr.exe ->) (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\AWiCDiag.exe
(C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\Wcct.exe ->) () [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\SocketServer.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atieclxx.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (Focusrite Audio Engineering, Ltd.) [Archivo no firmado] C:\Program Files\FocusriteUSB\Focusrite Notifier.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\79.0.2.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Qualcomm Atheros Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\AWiCMgr.exe
(explorer.exe ->) (Qualcomm Atheros Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\Wcct.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atiesrxx.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHeciSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.11.184.1\mc-fw-host.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC.) C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2330.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.11.184.1\neo\core\mc-neo-host.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\SubscriptionJob\mc-oem-subjob.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21524.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21524.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_3000.934.1904.0_x64__8wekyb3d8bbwe\PushNotificationsLongRunningTask.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [127480 2017-11-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AWiCMgr] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\AWiC\AWiCMgr.exe [185856 2016-09-19] (Qualcomm Atheros Inc.) [Archivo no firmado]
HKLM\...\Run: [AWiCDiag] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\AWiCDiag.exe [3067904 2016-09-19] (Qualcomm Atheros, Inc.) [Archivo no firmado]
HKLM\...\Run: [wcct] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\wcct.exe [1076224 2016-09-19] (Qualcomm Atheros Inc.) [Archivo no firmado]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\FocusriteUSB\Focusrite Notifier.exe [3949568 2019-08-02] (Focusrite Audio Engineering, Ltd.) [Archivo no firmado]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-07-29] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe [147244312 2023-08-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe [147244312 2023-08-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe [147244312 2023-08-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe [147244312 2023-08-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [SafeConnect] => C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.Entry.exe [161440 2022-09-22] (McAfee, LLC -> McAfee, LLC.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [Spotify] => C:\Users\David\AppData\Roaming\Spotify\Spotify.exe [19970464 2022-07-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [MicrosoftEdgeAutoLaunch_32628329D6ABECAB6CD57130DDFBAC4F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe [147244312 2023-08-07] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON XP-302 303 305 306 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMIKE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [Archivo no firmado]
HKLM\...\Print\Monitors\PDF Architect 8 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\architect_pdfpmon_v.4.12.26.3.dll [932984 2021-12-05] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.171\Installer\chrmstp.exe [2023-08-04] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk [2019-03-11]
ShortcutTarget: RT-Updater.lnk -> C:\Ross-Tech\VCDS\VCDS.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {4DEC7650-310B-4175-A5E1-65E4706611EB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {9B72AB73-C3DD-4CEA-ABD9-81396CF0D582} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {375A3051-AC4D-48A0-8F6D-E494ABB0B2A9} - System32\Tasks\Elcomsoft\Elcomsoft Updater Autostart => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {C179BDA7-4F8F-4F8C-B9B6-6EACA810AC9B} - System32\Tasks\Elcomsoft\Elcomsoft Updater Show => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {FD0BCE2D-A343-4150-8896-C1FBAEABB11A} - System32\Tasks\Elcomsoft\Elcomsoft Updater Terminate => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {A8A04081-6517-453B-86BE-DFCB60D20F43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-27] (Google Inc -> Google Inc.)
Task: {74F38714-DCA9-482E-AD4C-62E991D81601} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-27] (Google Inc -> Google Inc.)
Task: {C0B543FA-F7A1-47B0-BF2E-161C70D3DACB} - System32\Tasks\McAfee OEM Subscription job => \\?\C:\Program Files\McAfee\WPS\SubscriptionJob\mc-oem-subjob.exe [1986072 2023-08-03] (McAfee, LLC -> McAfee, LLC)
Task: {4E4FFE76-8568-479C-AA4B-C4B5EDFC8236} - System32\Tasks\McAfee\WPS\amwebapitriggertask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {BF374718-6380-4297-A37A-447D6837B58E} - System32\Tasks\McAfee\WPS\DAD.WPS.Execute.Updates => C:\Program Files\McAfee\WPS\1.11.184.1\dad\mc-dad.exe [4379528 2023-08-07] (McAfee, LLC -> McAfee, LLC)
Task: {B26D1454-D8D0-4666-A91E-A59E9D3AAC14} - System32\Tasks\McAfee\WPS\datupdatetask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {A3E8965F-9298-4996-BF7A-9CEC8CD36EA5} - System32\Tasks\McAfee\WPS\McAfee Sustainability => C:\Program Files\McAfee\WPS\1.11.184.1\sustainability\mc-sustainability.exe [785616 2023-08-07] (McAfee, LLC -> McAfee, LLC)
Task: {459F84AF-980F-40C0-88A2-B001477E7FB1} - System32\Tasks\McAfee\WPS\mcpcoscanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {2480B59B-3CE3-4E34-B009-9224797EC49D} - System32\Tasks\McAfee\WPS\NGMCadence => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {73D27EF3-8FE6-42F5-A7D4-7F726355FD05} - System32\Tasks\McAfee\WPS\odsscheduledtask => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {70BA6D37-F243-4417-BE44-A12B43E33317} - System32\Tasks\McAfee\WPS\systemrebootedtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {46F98F2B-0E43-40A2-A329-9EA31407FCC9} - System32\Tasks\McAfee\WPS\Update => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2}
Task: {B55ABF9C-5151-418D-8AF4-2A99896BAC05} - System32\Tasks\McAfee\WPS\WPSPush => \\?\C:\Program Files\McAfee\WPS\1.11.184.1\mc-wns-client\mc-wns-client.exe [802800 2023-08-07] (McAfee, LLC -> )
Task: {2FCC1405-B8BB-4D9A-B98A-75B1DA74D671} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656184 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7275E12-017E-48E4-A03D-AEA3CB09455D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656184 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CA09B7E-1DBB-4729-827A-32BCBBE888E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158656 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CCF862A-FE89-499A-B05C-670F04B5933C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158656 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C3E26AA-6904-4448-BD07-5C8EC2999A65} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {0FC98D76-9EC0-4A3A-B1B5-E8A391DCAF84} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {0FC98D76-9EC0-4A3A-B1B5-E8A391DCAF84} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {0FC98D76-9EC0-4A3A-B1B5-E8A391DCAF84} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {53729C35-7838-432C-A2AB-098B72D1A37B} - System32\Tasks\Microsoft\Windows\Chkdsk\CNHe-tiering-events => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [65440 2019-12-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\PROGRA~2\GENERI~1\XXIVER~1\DEVROM~1.DLL /nologo /unregister
Task: {749ACC8F-FCB4-4F15-8E70-466F61CAAD16} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {5266DA90-664A-4EA3-B7DF-B4777F0FB2DA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {C76C388F-5A28-4D95-A509-660D64CBA67A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {D9655014-B06C-40AF-8F27-24E5A1474C7F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {8743FF16-EE3F-4FD8-A9DA-2DBF4A0AD508} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe  -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F732BE03-35D8-4F51-B26F-C545F4D3106E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe  do-task "308046B0AF4A39CB" (Ningún archivo)
Task: {3B46CC74-800C-4D2E-B288-7D2E34EC83B9} - System32\Tasks\PCDDataUploadTask => "uaclauncher.exe"  -lloc dataupload --ignoresecondarysplash --runsilently --skipidlewait (Ningún archivo)
Task: {85D642D5-C976-4C38-B87A-DA42BE974606} - System32\Tasks\Remove AdwCleaner Application => C:\WINDOWS\system32\CMD.EXE [289792 2023-05-05] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "C:\Users\David\Desktop\adwcleaner.exe"
Task: {B2CD7D28-DDC7-4E39-BE7A-C2D549F67969} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3DB109C4-2467-4132-8551-74F2DF5639A6} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {EA2424B0-7DEA-48E5-8534-5EFFF0ABFE88} - System32\Tasks\SystemToolsDailyTest => "uaclauncher.exe"  -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently (Ningún archivo)
Task: {AFA0C759-8175-460B-9096-506623E4C5F2} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\David\Desktop\adwcleaner.exe [8791352 2023-08-04] (Malwarebytes Inc. -> Malwarebytes)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.230.135.1 212.230.135.2
Tcpip\..\Interfaces\{05e87645-38d1-4a02-a165-b33cde195eca}: [DhcpNameServer] 172.18.11.1
Tcpip\..\Interfaces\{1c7d2606-8467-4a09-9b67-7eac93f909b4}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{8b17c222-ffb7-4986-b87f-5b2d6b8264b5}: [DhcpNameServer] 212.230.135.1 212.230.135.2
Tcpip\..\Interfaces\{b5b2aaf8-675d-4116-89b9-662e8a27c158}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ca8dd785-5e42-46fe-8fe0-479d65022cae}: [DhcpNameServer] 62.81.16.213 62.81.16.148
Tcpip\..\Interfaces\{d6a5bca9-e8ee-4d3b-9975-e4a47de3a098}: [DhcpNameServer] 62.81.16.213 62.81.16.148

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-08]
Edge Extension: (Edge relevant text changes) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-04]

FireFox:
========
FF DefaultProfile: llolf8er.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\llolf8er.default [2023-08-06]
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\rprqjlj3.default-release [2023-08-07]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\[email protected]
FF Extension: (PDF Architect 8 Creator) - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\[email protected] [2020-11-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\[email protected]
FF HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\David\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: PDF Architect 8 -> C:\Program Files\PDF Architect 8\np-previewer.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: PDF Architect 8 -> C:\Program Files (x86)\PDF Architect 8\np-previewer.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin HKU\S-1-5-21-456901426-2367040865-2536711323-1001: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\David\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2023-08-08]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-08-06]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-06]
CHR Extension: (Menú de aplicaciones de Drive (de Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-06]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-06]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old [2023-08-07] <==== ATENCIÓN
CHR Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-08-03]
CHR Extension: (Google Docs Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-03]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-03]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-08-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-456901426-2367040865-2536711323-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-456901426-2367040865-2536711323-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo]
CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe]

Brave: 
=======
BRA Profile: C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-08-07]
BRA Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-05-30]
BRA Extension: (SearchPreview) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2021-05-30]
BRA Extension: (Loom for Chrome) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2021-06-06]
BRA Extension: (Menú de aplicaciones de Drive (de Google)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-30]
BRA Extension: (Ace Script) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2021-05-30]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-05-30]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-06-07]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-05-30]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-06-06]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\pdecoifadfkklajdlmndjpkhabpklldh [2021-06-07]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11867104 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S4 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-07-29] (Dropbox, Inc -> Dropbox, Inc.)
S4 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [38048 2019-03-15] (Dell Inc -> )
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S4 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1534976 2020-01-08] (Focusrite Audio Engineering Ltd.) [Archivo no firmado]
R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.11.184.1\mc-fw-host.exe [2306456 2023-08-07] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\WPS\1.11.184.1\mc-update.exe [5075888 2023-08-07] (McAfee, LLC -> McAfee, LLC)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [871752 2023-07-30] (McAfee, LLC -> McAfee, LLC)
S4 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.5.107.0\\McCSPServiceHost.exe [3384472 ] (McAfee, LLC -> McAfee, LLC)
S4 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [16847584 2023-05-17] (Native Instruments GmbH -> Native Instruments GmbH)
S4 PDF Architect 6; C:\Program Files\PDF Architect 6\ws.exe [2569976 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 6 Creator; C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe [832248 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 6 Update Service; C:\Program Files\PDF Architect 6\updater-ws.exe [1665272 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 8; C:\Program Files\PDF Architect 8\ws.exe [2731616 2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 8 Creator; C:\Program Files\PDF Architect 8\creator-ws.exe [628832 2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
S4 Realtek87L; C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [36864 2009-07-10] (Realtek) [Archivo no firmado]
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SafeConnectService; C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe [32144 2022-09-22] (McAfee, LLC -> McAfee, LLC.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [17845048 2023-07-31] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 DellClientManagementService; "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe" [X]
S4 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2023-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [97480 2016-11-16] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [101512 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S0 mfeelam; C:\WINDOWS\System32\DRIVERS\mfeelam.sys [18400 2023-08-07] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\WINDOWS\System32\DRIVERS\mfesec.sys [82696 2023-08-07] (McAfee, LLC -> McAfee, LLC)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RT-USB; C:\WINDOWS\system32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
S3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2020-02-05] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

FRST (parte 2)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-08-08 09:12 - 2023-08-08 09:13 - 000037795 _____ C:\Users\David\Desktop\FRST.txt
2023-08-08 09:10 - 2023-08-08 09:10 - 002384896 _____ (Farbar) C:\Users\David\Desktop\FRST64 (1).exe
2023-08-07 20:59 - 2023-08-07 20:59 - 000003302 _____ C:\WINDOWS\system32\Tasks\Remove AdwCleaner Application
2023-08-07 20:59 - 2023-08-07 20:59 - 000003284 _____ C:\WINDOWS\system32\Tasks\Uninstall AdwCleaner Application
2023-08-07 20:46 - 2023-08-07 20:46 - 000000000 ___HD C:\$WinREAgent
2023-08-07 12:34 - 2023-08-07 12:34 - 000000000 ____D C:\Users\David\Downloads\ProcessExplorer
2023-08-07 12:33 - 2023-08-07 12:33 - 003514508 _____ C:\Users\David\Downloads\ProcessExplorer.zip
2023-08-07 11:44 - 2023-08-07 11:46 - 000088672 _____ C:\Users\David\Downloads\Addition.txt
2023-08-07 11:43 - 2023-08-07 11:46 - 000075578 _____ C:\Users\David\Downloads\FRST.txt
2023-08-07 11:42 - 2023-08-08 09:13 - 000000000 ____D C:\FRST
2023-08-07 11:42 - 2023-08-07 11:42 - 002384896 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2023-08-07 11:27 - 2023-08-07 11:30 - 000015179 _____ C:\DT-kill.txt
2023-08-07 11:27 - 2023-08-07 11:27 - 000000000 ____D C:\_DT-Kill
2023-08-07 11:26 - 2023-08-07 11:26 - 000425747 _____ C:\Users\David\Downloads\DTKill.zip
2023-08-07 11:26 - 2023-08-07 11:26 - 000000000 ____D C:\Users\David\Downloads\DTKill
2023-08-07 11:12 - 2011-04-20 03:03 - 000120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMIKE.DLL
2023-08-07 11:12 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BIKE.DLL
2023-08-07 11:12 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2023-08-07 11:11 - 2023-08-07 11:11 - 021335616 _____ C:\Users\David\Downloads\epson514375eu.exe
2023-08-07 09:55 - 2023-08-07 09:55 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2023-08-07 09:53 - 2023-08-07 09:54 - 199672808 _____ (SUPERAntiSpyware) C:\Users\David\Downloads\SUPERAntiSpywarePro.exe
2023-08-06 18:22 - 2023-08-06 17:34 - 000000000 ____D C:\Windows.old
2023-08-06 18:19 - 2023-08-06 18:22 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-08-06 18:17 - 2023-08-06 18:19 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-08-06 18:17 - 2023-08-06 18:17 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-08-06 18:09 - 2023-08-06 18:09 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2023-08-06 18:09 - 2023-08-06 18:09 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-08-06 18:09 - 2023-08-06 18:09 - 000000000 ____D C:\Program Files\MSBuild
2023-08-06 18:09 - 2023-08-06 18:09 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-08-06 18:09 - 2023-08-06 18:09 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-08-06 17:37 - 2023-08-06 17:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2023-08-06 17:36 - 2023-08-06 17:36 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-08-06 17:34 - 2023-08-08 09:12 - 000004088 _____ C:\WINDOWS\system32\Tasks\McAfee OEM Subscription job
2023-08-06 17:34 - 2023-08-07 22:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-06 17:34 - 2023-08-07 12:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2023-08-06 17:34 - 2023-08-06 17:34 - 000003636 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-08-06 17:34 - 2023-08-06 17:34 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-06 17:34 - 2023-08-06 17:34 - 000003536 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2023-08-06 17:34 - 2023-08-06 17:34 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-08-06 17:34 - 2023-08-06 17:34 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-08-06 17:34 - 2023-08-06 17:34 - 000003312 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2023-08-06 17:34 - 2023-08-06 17:34 - 000003204 _____ C:\WINDOWS\system32\Tasks\PCDDataUploadTask
2023-08-06 17:34 - 2023-08-06 17:34 - 000003084 _____ C:\WINDOWS\system32\Tasks\SystemToolsDailyTest
2023-08-06 17:34 - 2023-08-06 17:34 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-456901426-2367040865-2536711323-1001
2023-08-06 17:34 - 2023-08-06 17:34 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-456901426-2367040865-2536711323-1001
2023-08-06 17:34 - 2023-08-06 17:34 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2023-08-06 17:34 - 2023-08-06 17:34 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2023-08-06 17:34 - 2023-08-06 17:34 - 000000020 ___SH C:\Users\David\ntuser.ini
2023-08-06 17:34 - 2023-08-06 17:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2023-08-06 17:34 - 2023-08-06 17:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-08-06 17:34 - 2023-08-06 17:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Elcomsoft
2023-08-06 17:31 - 2023-08-07 22:56 - 001772862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-06 17:30 - 2023-08-06 17:34 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2023-08-06 17:30 - 2023-08-06 17:34 - 000011433 _____ C:\WINDOWS\diagerr.xml
2023-08-06 17:27 - 2023-08-06 17:27 - 000000000 ____D C:\Users\defaultuser0\AppData\Roaming\Microsoft\Network
2023-08-06 17:27 - 2023-08-06 17:27 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2023-08-06 17:27 - 2023-08-06 17:27 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\SystemCertificates
2023-08-06 17:27 - 2023-08-06 17:27 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Network
2023-08-06 17:27 - 2023-08-06 17:27 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Crypto
2023-08-06 17:24 - 2023-08-06 17:34 - 000000000 ____D C:\Users\David
2023-08-06 17:24 - 2023-08-06 17:27 - 000000000 ____D C:\Users\defaultuser0
2023-08-06 17:24 - 2023-08-06 17:27 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows
2023-08-06 17:24 - 2023-08-06 17:24 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Reciente
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Plantillas
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Mis documentos
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Menú Inicio
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Impresoras
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Entorno de red
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mis vídeos
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mis imágenes
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mi música
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Datos de programa
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Configuración local
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Historial
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Datos de programa
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Archivos temporales de Internet
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Reciente
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Plantillas
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Mis documentos
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Menú Inicio
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Impresoras
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Entorno de red
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Documents\Mis vídeos
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Documents\Mis imágenes
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Documents\Mi música
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Datos de programa
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Configuración local
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\AppData\Local\Historial
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\AppData\Local\Datos de programa
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\AppData\Local\Archivos temporales de Internet
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 ____D C:\Program Files\Waves
2023-08-06 17:24 - 2019-12-07 11:31 - 000000000 ____D C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows
2023-08-06 17:22 - 2023-08-08 00:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-06 17:22 - 2023-08-07 22:52 - 005114192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-06 13:24 - 2023-08-07 14:03 - 000000000 ___DC C:\WINDOWS\Panther
2023-08-06 13:18 - 2023-08-06 13:24 - 000000000 ____D C:\ESD
2023-08-06 13:16 - 2023-08-06 13:16 - 000000000 ___HD C:\$Windows.~WS
2023-08-06 10:55 - 2023-08-06 11:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-08-06 10:52 - 2023-08-06 10:52 - 000002259 _____ C:\WINDOWS\epplauncher.mif
2023-08-04 14:18 - 2023-08-04 14:18 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-04 14:18 - 2023-08-04 14:18 - 000002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-04 14:17 - 2023-08-04 14:17 - 001372712 _____ (Google LLC) C:\Users\David\Downloads\ChromeSetup (2).exe
2023-08-04 13:36 - 2023-08-04 13:37 - 002606880 _____ (Malwarebytes) C:\Users\David\Downloads\MBSetup (1).exe
2023-08-04 13:15 - 2023-08-04 13:15 - 008791352 _____ (Malwarebytes) C:\Users\David\Desktop\adwcleaner.exe
2023-08-04 12:10 - 2023-08-04 12:10 - 000000000 ____D C:\WINDOWS\pss
2023-08-04 09:41 - 2023-08-04 09:41 - 056367416 _____ (Piriform Software Ltd) C:\Users\David\Downloads\ccsetup614_pro_trial.exe
2023-08-03 23:47 - 2023-08-03 23:47 - 000780358 _____ C:\Users\David\Documents\trasferencia Raquel171.pdf
2023-08-03 21:44 - 2023-08-03 21:44 - 000000000 ____D C:\Users\David\AppData\Local\mbam
2023-08-03 21:42 - 2023-08-03 21:42 - 002606880 _____ (Malwarebytes) C:\Users\David\Downloads\MBSetup.exe
2023-08-03 21:01 - 2023-08-06 12:43 - 000000098 _____ C:\Users\David\Desktop\Nuevo documento de texto (2).txt
2023-08-03 15:41 - 2023-08-03 15:41 - 095388616 _____ (McAfee, LLC) C:\Users\David\Downloads\McAfee_Malware_Cleaner.exe
2023-08-03 11:32 - 2023-08-03 16:28 - 000000000 ____D C:\Users\David\AppData\Local\LogMeIn Rescue Applet
2023-08-03 11:32 - 2023-08-03 15:41 - 000000000 ____D C:\Program Files (x86)\LogMeIn Rescue Applet
2023-08-02 11:07 - 2023-08-02 11:26 - 1896597490 ____R C:\Users\David\Downloads\BLACK MIRROR 6X3 ESP.mp4
2023-08-02 10:59 - 2023-08-06 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-07-29 23:20 - 2023-07-29 23:20 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-07-27 13:53 - 2023-07-27 13:53 - 053329624 _____ (Piriform Software Ltd) C:\Users\David\Downloads\ccsetup607.exe
2023-07-21 16:11 - 2023-07-21 16:15 - 000000000 ____D C:\Users\David\Desktop\Fotos camara Julia
2023-07-19 20:03 - 2023-07-19 20:03 - 000806874 _____ C:\Users\David\Downloads\Tema 5 rev.1 - 120 bpm.wav.reapeaks
2023-07-17 20:12 - 2023-07-17 20:12 - 090485052 _____ C:\Users\David\Downloads\Tema 5 rev.1 - 120 bpm.wav
2023-07-15 13:59 - 2023-07-15 13:59 - 001371176 _____ (Google LLC) C:\Users\David\Downloads\ChromeSetup (1).exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-08-08 09:12 - 2019-01-23 01:25 - 000000000 ____D C:\ProgramData\McAfee
2023-08-08 09:03 - 2023-05-05 14:27 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-08 09:03 - 2018-04-27 20:07 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-08 09:01 - 2022-12-09 11:10 - 000000000 ___RD C:\Users\David\OneDrive - Educantabria
2023-08-08 09:01 - 2021-08-16 15:14 - 000000000 ____D C:\Users\David\AppData\Roaming\Spotify
2023-08-08 09:01 - 2018-10-31 01:21 - 000000000 ____D C:\Users\David\AppData\Roaming\Dropbox
2023-08-08 09:01 - 2018-10-31 01:10 - 000000000 ____D C:\Users\David\AppData\Local\Dropbox
2023-08-08 09:01 - 2018-04-27 20:04 - 000000000 ___RD C:\Users\David\OneDrive
2023-08-08 09:01 - 2018-04-27 20:02 - 000000000 ___SD C:\Users\David\AppData\Roaming\Microsoft\Credentials
2023-08-08 09:00 - 2018-04-27 20:02 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles
2023-08-08 00:17 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-08 00:17 - 2018-04-27 22:16 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2023-08-07 22:56 - 2019-12-07 16:55 - 000790938 _____ C:\WINDOWS\system32\perfh00A.dat
2023-08-07 22:56 - 2019-12-07 16:55 - 000156274 _____ C:\WINDOWS\system32\perfc00A.dat
2023-08-07 22:56 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-07 22:52 - 2021-03-21 10:16 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-07 22:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-08-07 22:52 - 2018-04-18 19:06 - 000000000 ____D C:\Intel
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-07 22:51 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-07 21:02 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-07 18:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-07 18:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-07 16:04 - 2021-09-25 11:06 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-08-07 16:04 - 2021-09-25 11:06 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-08-07 16:04 - 2021-09-25 11:06 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-08-07 16:04 - 2021-09-25 11:06 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-08-07 14:03 - 2023-04-23 21:11 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2023-08-07 14:03 - 2020-06-22 20:48 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-08-07 13:50 - 2020-12-12 19:34 - 000000000 ____D C:\Program Files (x86)\Dell
2023-08-07 13:50 - 2018-04-18 18:55 - 000000000 ____D C:\ProgramData\Dell
2023-08-07 13:41 - 2018-10-16 23:10 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Word
2023-08-07 12:08 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-07 12:08 - 2018-06-24 18:14 - 000000000 ____D C:\ProgramData\Packages
2023-08-07 12:08 - 2018-05-22 01:11 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2023-08-07 12:07 - 2023-04-18 20:34 - 000082696 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfesec.sys
2023-08-07 12:07 - 2023-04-18 20:34 - 000018400 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeelam.sys
2023-08-07 11:53 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-08-07 11:12 - 2019-02-18 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2023-08-06 23:21 - 2022-11-09 11:27 - 000000000 ____D C:\Users\David\Desktop\Ana
2023-08-06 18:22 - 2023-04-18 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2023-08-06 18:22 - 2022-09-16 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2023-08-06 18:22 - 2022-09-13 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freac - free audio converter
2023-08-06 18:22 - 2022-09-13 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2023-08-06 18:22 - 2022-06-07 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoFirma
2023-08-06 18:22 - 2021-12-19 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FabFilter
2023-08-06 18:22 - 2021-12-05 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 8
2023-08-06 18:22 - 2021-11-07 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picto-Selector
2023-08-06 18:22 - 2021-10-14 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER
2023-08-06 18:22 - 2021-05-20 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2023-08-06 18:22 - 2021-04-03 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2023-08-06 18:22 - 2021-03-25 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2023-08-06 18:22 - 2020-11-21 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snap Inc
2023-08-06 18:22 - 2020-06-29 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MI
2023-08-06 18:22 - 2020-06-28 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2023-08-06 18:22 - 2020-06-24 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neural DSP
2023-08-06 18:22 - 2020-06-08 20:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2023-08-06 18:22 - 2020-06-04 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack
2023-08-06 18:22 - 2020-05-18 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite USB
2023-08-06 18:22 - 2020-05-18 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite Audio Engineering Ltd
2023-08-06 18:22 - 2020-05-08 08:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma
2023-08-06 18:22 - 2020-04-18 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2023-08-06 18:22 - 2020-04-10 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2023-08-06 18:22 - 2020-03-24 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-08-06 18:22 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-08-06 18:22 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-08-06 18:22 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2023-08-06 18:22 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-08-06 18:22 - 2019-06-21 09:40 - 000000000 ____D C:\Program Files\UNP
2023-08-06 18:22 - 2019-05-14 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK RTL8187 Wireless LAN Utility
2023-08-06 18:22 - 2019-05-07 12:32 - 000000000 ____D C:\WINDOWS\system32\RtlGina
2023-08-06 18:22 - 2019-03-11 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VCDS
2023-08-06 18:22 - 2019-03-09 01:02 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2023-08-06 18:22 - 2019-02-18 19:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
2023-08-06 18:22 - 2019-02-18 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2023-08-06 18:22 - 2018-10-18 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 6
2023-08-06 18:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-08-06 18:22 - 2018-07-16 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-06 18:22 - 2018-05-07 23:43 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2023-08-06 18:22 - 2018-04-27 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2023-08-06 18:22 - 2018-04-18 19:06 - 000000000 ____D C:\Program Files\AMD
2023-08-06 18:22 - 2018-04-18 18:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2023-08-06 18:22 - 2018-04-18 18:56 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2023-08-06 18:22 - 2018-04-18 18:56 - 000000000 ____D C:\Program Files\Intel
2023-08-06 18:22 - 2018-04-18 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2023-08-06 18:21 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2023-08-06 18:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2023-08-06 18:19 - 2023-05-16 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2023-08-06 18:19 - 2022-09-24 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STL Tonality
2023-08-06 18:19 - 2022-09-24 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STL Tones
2023-08-06 18:19 - 2021-04-03 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2023-08-06 18:19 - 2020-07-28 09:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plugin Boutique
2023-08-06 18:19 - 2020-05-21 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STL Ignite
2023-08-06 18:19 - 2020-05-18 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite
2023-08-06 18:19 - 2020-05-15 17:55 - 000000000 ____D C:\WINDOWS\Firmware
2023-08-06 18:19 - 2020-04-18 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2023-08-06 18:19 - 2020-04-07 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plugin Alliance
2023-08-06 18:19 - 2020-04-05 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ML Sound Lab
2023-08-06 18:19 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-08-06 18:19 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2023-08-06 18:19 - 2018-04-27 20:14 - 000000000 ____D C:\Program Files\Realtek
2023-08-06 18:19 - 2018-04-18 18:56 - 000000000 ____D C:\WINDOWS\system32\Intel
2023-08-06 18:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-08-06 18:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-08-06 17:51 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-08-06 17:35 - 2019-12-07 16:56 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-08-06 17:34 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2023-08-06 17:34 - 2018-05-22 01:16 - 000000000 ___RD C:\Users\David\3D Objects
2023-08-06 17:34 - 2016-10-26 16:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-08-06 17:28 - 2019-12-07 11:14 - 000000000 __RSD C:\WINDOWS\Media
2023-08-06 17:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2023-08-06 17:28 - 2018-05-22 01:14 - 000023892 _____ C:\WINDOWS\system32\emptyregdb.dat
2023-08-06 17:26 - 2021-12-27 22:03 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-08-06 17:26 - 2021-11-07 19:28 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2023-08-06 17:26 - 2020-04-18 10:17 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2023-08-06 17:26 - 2019-02-18 19:38 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
2023-08-06 17:26 - 2018-07-16 12:30 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-06 17:25 - 2022-09-13 11:21 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2023-08-06 17:25 - 2022-05-18 18:32 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power Tab Software
2023-08-06 17:25 - 2021-12-22 17:09 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VGL
2023-08-06 17:25 - 2019-12-07 11:14 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-08-06 17:25 - 2018-05-22 01:11 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2023-08-06 17:24 - 2018-04-27 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2023-08-06 17:24 - 2018-04-27 20:14 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2023-08-06 12:25 - 2018-09-08 01:05 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2023-08-06 12:02 - 2019-04-10 00:04 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2023-08-06 11:39 - 2018-10-05 11:15 - 000000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2023-08-06 11:04 - 2018-07-15 23:56 - 000000000 ____D C:\Torrents
2023-08-04 14:17 - 2020-06-28 12:16 - 000000000 ____D C:\Program Files\Google
2023-08-04 14:08 - 2016-07-16 13:47 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts_old
2023-08-04 13:19 - 2018-04-18 18:55 - 000000000 ____D C:\Program Files\Dell
2023-08-04 13:14 - 2020-06-22 20:48 - 000000000 ____D C:\Users\David\AppData\Roaming\TeamViewer
2023-08-04 11:01 - 2018-04-27 20:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-04 10:49 - 2018-04-27 20:40 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-04 10:02 - 2020-03-24 18:54 - 000001386 _____ C:\Users\Public\Desktop\Skype.lnk
2023-08-04 10:02 - 2020-03-24 18:54 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Skype for Desktop
2023-08-04 10:01 - 2021-03-25 23:55 - 000001059 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2023-08-04 10:01 - 2020-06-22 20:48 - 000000000 ____D C:\Users\David\AppData\Local\TeamViewer
2023-08-04 10:00 - 2020-05-31 12:19 - 000001146 _____ C:\Users\Public\Desktop\VLC media player.lnk
2023-08-04 09:59 - 2022-02-10 12:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-04 09:59 - 2018-07-16 12:30 - 000000000 ____D C:\Program Files\WinRAR
2023-08-04 00:12 - 2018-10-16 23:10 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Office
2023-08-03 19:42 - 2021-05-01 13:13 - 000000000 ____D C:\Users\David\AppData\Roaming\NCH Software
2023-08-03 19:42 - 2021-05-01 13:13 - 000000000 ____D C:\Program Files (x86)\NCH Software
2023-08-03 10:50 - 2021-08-16 15:14 - 000000000 ____D C:\Users\David\AppData\Local\Spotify
2023-08-02 11:48 - 2019-04-09 12:54 - 000000000 ____D C:\Users\David\AppData\Local\BitTorrentHelper
2023-08-02 10:59 - 2018-10-31 01:10 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-07-30 13:32 - 2018-10-16 23:07 - 000000000 ____D C:\Program Files\Microsoft Office
2023-07-30 13:27 - 2020-06-18 10:47 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-27 13:57 - 2019-02-10 20:13 - 000000000 ____D C:\Users\David\AppData\Roaming\DAEMON Tools Lite
2023-07-27 13:48 - 2022-08-27 11:43 - 000000000 ____D C:\Users\David\AppData\Local\ElevatedDiagnostics
2023-07-27 11:03 - 2019-08-28 17:59 - 000000000 ____D C:\Programas
2023-07-24 10:36 - 2018-07-01 17:41 - 000000000 ____D C:\Users\David\AppData\Local\PlaceholderTileLogoFolder
2023-07-19 20:51 - 2020-04-07 20:57 - 000000000 ____D C:\Users\David\Documents\REAPER Media
2023-07-17 20:12 - 2021-11-07 19:29 - 000000000 ____D C:\Users\David\Downloads\Telegram Desktop
2023-07-17 20:12 - 2021-11-07 19:28 - 000000000 ____D C:\Users\David\AppData\Roaming\Telegram Desktop

==================== Archivos en la raíz de algunos directorios ========

2020-10-29 20:00 - 2020-10-29 20:00 - 000000008 __RSH () C:\ProgramData\sysqcl1131236454.dat
2019-02-10 20:29 - 2017-10-23 23:05 - 000011290 _____ () C:\Users\David\AppData\Roaming\dwi.bmeth
2023-05-16 20:02 - 2023-05-16 20:03 - 000000016 _____ () C:\Users\David\AppData\Roaming\msregsvv.dll
2023-06-01 18:05 - 2023-06-01 18:18 - 000000132 _____ () C:\Users\David\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2019-02-10 20:29 - 2015-09-18 16:13 - 000937776 _____ (AutoIt Team) C:\Users\David\AppData\Roaming\wscript.exe
2019-01-14 13:15 - 2019-01-14 13:17 - 000534528 _____ (Dirección General de la Policía) C:\Users\David\AppData\Local\DNIeService.exe

==================== FLock ==============================

2018-05-21 23:32 C:\WINDOWS\UpdateAssistant

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Addition (parte 1)

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-08-2023
Ejecutado por David (08-08-2023 09:14:10)
Ejecutado desde C:\Users\David\Desktop
Microsoft Windows 10 Home Versión 22H2 19045.3271 (X64) (2023-08-06 15:34:42)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-456901426-2367040865-2536711323-500 - Administrator - Disabled)
David (S-1-5-21-456901426-2367040865-2536711323-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-456901426-2367040865-2536711323-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-456901426-2367040865-2536711323-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-456901426-2367040865-2536711323-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-456901426-2367040865-2536711323-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: McAfee (Disabled - Up to date) {17E6E93C-6841-5FC7-DEB8-480FDC929279}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {2624E002-54CC-27F9-FD39-B2DD14D41191}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee (Disabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{FE241076-B49A-4129-9DFD-08394BE497D7}) (Version: 4.54.110.4540 - Elcomsoft Co. Ltd.)
AMD Install Manager (HKLM\...\{8166070C-BAAC-6140-4F9D-D8DB556BA6C6}) (Version: 9.0.000.6 - Advanced Micro Devices, Inc.) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.6 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2020.0226.0415.7659 - Advanced Micro Devices, Inc.)
Amped - Roots version 1.2.2 (HKLM\...\Amped - Roots_is1) (Version: 1.2.2 - )
Aplicaciones de Microsoft 365 para empresas - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.16626.20134 - Microsoft Corporation)
Apple Application Support (32 bits) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Archetype Nolly (HKLM\...\{923A067F-9829-4DC4-AEF5-86E1DE61201B}) (Version: 2.0.0 - Neural DSP)
Archetype Nolly version 1.0.1 (HKLM\...\Archetype Nolly_is1) (Version: 1.0.1 - Neural DSP)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22402 - Microsoft Corporation)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.7.2 - Gobierno de España)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Dell Digital Delivery Services (HKLM-x32\...\{4E63542A-F61E-4A6C-9732-13F3425C1758}) (Version: 4.0.34.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{AAB336F0-6FC6-4BFE-AD7E-315FCDF20156}) (Version: 1.1.3750 - Screenovate Technologies Ltd.)
Dell Update for Windows Universal (HKLM\...\{B5318AB2-185E-408A-8ABE-0EDA416E92DB}) (Version: 4.9.0 - Dell Inc.)
Desinstalar impresora EPSON XP-302 303 305 306 Series (HKLM\...\EPSON XP-302 303 305 306 Series) (Version:  - SEIKO EPSON Corporation)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dropbox (HKLM-x32\...\Dropbox) (Version: 179.4.4985 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.761.1 - Dropbox, Inc.) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.11.9.2259 - Steinberg Media Technologies GmbH)
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
Epson Manual de red EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
FabFilter Total Bundle (HKLM\...\FabFilter Total Bundle_is1) (Version: 2020.6 - FabFilter & Team V.R)
Focusrite Control 3.5.0.1754 (HKLM\...\Focusrite Control_is1) (Version: 3.5.0.1754 - Focusrite Audio Engineering Ltd.)
Focusrite Thunderbolt 4.25.0.335 (HKLM\...\Focusrite Thunderbolt_is1) (Version: 4.25.0.335 - Focusrite Audio Engineering Ltd.)
Focusrite USB 4.63.24.564 (HKLM\...\Focusrite USB_is1) (Version: 4.63.24.564 - Focusrite Audio Engineering, Ltd.)
Fortin Nameless Suite (HKLM\...\{45AD9FBA-8E6B-4F7E-880D-A7C1F40A3796}) (Version: 3.0.1 - Neural DSP)
fre:ac v1.1.7 (HKLM\...\fre:ac v1.1.7) (Version: 1.1.7 - )
Freemake Audio Converter versión 1.1.9 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.171 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 79.0.2.0 - Google LLC)
IK Multimedia AmpliTube 5 (HKLM\...\AmpliTube 5_is1) (Version: 5.5.3 - IK Multimedia)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{09DAB6B6-FBEF-4AC5-AE93-BFF01A0B796D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B557A9A1-D64B-43D7-B598-F7BAAE897CF3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3479FCE3-F7D2-4980-819A-767941440932}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{EBE12EC7-60DF-41C2-AAC8-0B2586F15C96}) (Version: 15.2.0.1020 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{FBC819D6-78B6-49AB-931E-3D127D43BE64}) (Version: 30.100.1725.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Manual de funcionamiento básico EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Bog) (Version:  - )
Manual de usuario EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Useg) (Version:  - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
McAfee (HKLM\...\McAfee.WPS) (Version: 1.11.184.1 - McAfee, LLC)
McAfee Safe Connect (HKLM-x32\...\{82D8F05E-9F97-415F-8622-C65C6759EFC6}) (Version: 2.16 - McAfee, LLC.) Hidden
McAfee Safe Connect (HKLM-x32\...\{a6cf057b-0e6f-4367-9afe-6aeb5a6ca5a5}) (Version: 2.16 - McAfee, LLC.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Teams) (Version: 1.6.00.6754 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B81577B2-3AD0-4AFD-A19C-87F673C09D0C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{62678770-F459-4903-83E3-A2968F6CC242}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
MIKKO (HKLM\...\{9777DB55-E2DB-4F00-9B32-4854642EAF51}) (Version: 1.2.0 - ML Sound Lab)
MIKKO2 (HKLM\...\{C8D0C8DE-D768-4F18-92B3-03CC23F21CF2}) (Version: 2.0.8 - ML Sound Lab)
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 102.0.1 (x64 es-ES)) (Version: 102.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0.1 - Mozilla)
Mp3tag v3.17 (HKLM\...\Mp3tag) (Version: 3.17 - Florian Heidenreich)
Native Access 3.4.0 (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.4.0 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.2.8 - Native Instruments)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.7.1.0 - Native Instruments)
Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.12.0.0 - Native Instruments)
Neural DSP Archetype Cory Wong (HKLM\...\Archetype Cory Wong_is1) (Version: 1.0.0 - Neural DSP)
Neural DSP Archetype Gojira (HKLM\...\Archetype Gojira_is1) (Version: 1.0.0 - Neural DSP)
Neural DSP OMEGA Ampworks Granophyre (HKLM\...\OMEGA Ampworks Granophyre_is1) (Version: 1.0.0 - Neural DSP)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.3 - OBS Project)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
PACE License Support Win64 (HKLM\...\{CDDC4CA3-FBF0-46c3-8EB1-B001EA7FDA55}) (Version: 5.2.1.3096 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{CDDC4CA3-FBF0-46c3-8EB1-B001EA7FDA55}) (Version: 5.2.1.3096 - PACE Anti-Piracy, Inc.)
Paquete de controladores de Windows - Ross-Tech HIDClass  (02/13/2014 6.3.0.2) (HKLM\...\5E356C0921BECEC7743BAC21F6B7A5775044AFC0) (Version: 02/13/2014 6.3.0.2 - Ross-Tech)
Paquete de controladores de Windows - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech)
Parallax (HKLM\...\{F65DF0A2-68AA-41DA-82C0-93E762A2D170}) (Version: 2.0.1 - Neural DSP)
PDF Architect 6 (HKLM-x32\...\PDF Architect 6) (Version: 6.1.19.842 - pdfforge GmbH)
PDF Architect 6 Create Module (HKLM\...\{A0ACB885-7CDD-4E43-9109-E49CF70E4039}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 Edit Module (HKLM\...\{FC39343C-732F-433E-9929-F9D08BA73792}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 View Module (HKLM\...\{7FFD0E0F-478A-4393-BBB0-4B20FAF5F3B7}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 8 Edit Module (HKLM\...\{C0F370AC-91F0-4AF0-8974-E61F91830082}) (Version: 8.0.56.12577 - pdfforge GmbH)
PDF Architect 8 OCR Module (HKLM\...\{EA02E09A-24BE-4B80-BDE5-FA227FDE8C19}) (Version: 8.0.56.12577 - pdfforge GmbH)
PDF Architect 8 OCR TESS Module (HKLM\...\{C77539BB-2983-4F47-815E-CABBC27EEFC4}) (Version: 8.0.56.12577 - pdfforge GmbH)
PDF Architect 8 View Module (HKLM\...\{742A4199-7DB6-4830-95C4-570D5CB709AF}) (Version: 8.0.56.12577 - pdfforge GmbH)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Picto-Selector 1.8 (HKLM-x32\...\{8032E8DE-1764-4F00-B19E-EF2DBBDB649B}_is1) (Version:  - M.C. van der Kooij)
Pixillion, convertidor de archivos de imagen (HKLM-x32\...\Pixillion) (Version: 10.20 - NCH Software)
Plugin Boutique Scaler 2 (HKLM\...\Scaler 2_is1) (Version: 2.0.6 - Plugin Boutique)
Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
Pulse Application Launcher (HKLM-x32\...\{A06B0A43-5108-43AE-9C97-4D73AE1A0F78}) (Version: 9.0.1151 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Pulse_Setup_Client) (Version: 9.0.2.1151 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10480 - Qualcomm)
Qualcomm Unified Wireless Suite (HKLM-x32\...\{6CFE6F33-3D69-4B9C-AA20-FF1F8CB064D5}) (Version: 11.0.0.10394 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.50.511.2021 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11213 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0125 - REALTEK Semiconductor Corp.)
REAPER (HKLM-x32\...\REAPER) (Version:  - )
REAPER (x64) (HKLM\...\REAPER) (Version: 6.79 - Cockos Incorporated)
Sigma version 1.0.2 (HKLM\...\Sigma_is1) (Version: 1.0.2 - )
Skype versión 8.100 (HKLM-x32\...\Skype_is1) (Version: 8.100 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks)
Snap Camera 1.10.0 (HKLM-x32\...\{024A6CF5-627D-497F-980B-B9A6EC5C40AF}_is1) (Version: 1.10.0 - Snap Inc.)
Soporte para el iPod (HKLM\...\{E8676067-68D7-483A-BC2B-A7FF808077E2}) (Version: 120.7.3.55 - Apple Inc.)
Spotify (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Spotify) (Version: 1.1.89.862.g94554d24 - Spotify AB)
Steinberg Cubase 10.0.40 Pro RC3 (HKLM\...\{14EF9A03-484C-4A5A-B91F-02634DC911A5}) (Version: RC3 - Team DC - V.R- Zaka1 - Mono 2020®)
STL Ignite Libra (HKLM\...\Libra_is1) (Version: 1.2.0 - STL Ignite)
STL Tonality Andy James (HKLM\...\Andy James_is1) (Version: 1.0.1 - STL Tonality)
STL Tones STL Tonality - Howard Benson (HKLM\...\STL Tonality - Howard Benson_is1) (Version: 1.0.2b - STL Tones)
Superior Drummer 3 64-bit (HKLM\...\{601B23D3-45DC-4B2B-BAEB-FACA2F9A3656}) (Version: 3.0.1 - Toontrack)
Tales Of Monkey Insland Gold (HKLM-x32\...\Tales Of Monkey Insland Gold) (Version:  - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.2781 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.44.5 - TeamViewer)
Telegram Desktop (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.8.1 - Telegram FZ-LLC)
Toontrack EZdrummer 2.1.8 (HKLM\...\EZdrummer_is1) (Version: 2.1.8 - Toontrack & Team V.R)
Toontrack Superior Drummer 3.1.7 (HKLM\...\Superior Drummer 3_is1) (Version: 3.1.7 - Toontrack & Team V.R)
TP-Link PLC Utility (HKLM-x32\...\{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.3960.1 - TP-Link) Hidden
TP-Link PLC Utility (HKLM-x32\...\InstallShield_{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.3960.1 - TP-Link)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{CC1FE5D3-78A8-4EC4-AB83-B5EF8DC4118D}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
VCDS Release 15.7.1 (HKLM-x32\...\VCDS Release) (Version: 15.7.1 - Ross-Tech)
VGL (HKLM-x32\...\{9B4E0A2E-9475-4D0F-ACBD-D73727C1D51A}) (Version: 1.0 - TSC)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.827 - McAfee, LLC)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)
Xiaomi Cloud (HKLM\...\dbd7cffb-9b67-55a5-b1a3-aabba639e500) (Version: 1.0.16 - 小米科技有限责任公司)
Zoom (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2022-08-15] (Autodesk Inc.)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-15] (Microsoft Corporation)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.64.0_x64__htrsf667h5kn2 [2023-02-14] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.9.14.0_x86__htrsf667h5kn2 [2023-05-15] (Dell Inc)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-06-08] (Apple Inc.) [Startup Task]
McAfee® Security -> C:\Program Files\McAfee\WPS\1.11.184.1 [2023-08-07] ()
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-08-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-08-06] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-08-15] (Netflix, Inc.)
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2023.508.1.0_x64__8kea50m9krsh2 [2023-05-22] (Code Spark)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.607.100_x64__8wekyb3d8bbwe [2023-06-15] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-21] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2330.7.0_x64__cv1g1gvanyjgm [2023-08-03] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-07-19] (Microsoft Corp.)
WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-08-07] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-07-27] (Microsoft Corp.)
Windows App Runtime DDLM 2000.802.31.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x6_2000.802.31.0_x64__8wekyb3d8bbwe [2023-07-19] (Microsoft Corporation)
Windows App Runtime DDLM 2000.802.31.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x8_2000.802.31.0_x86__8wekyb3d8bbwe [2023-07-19] (Microsoft Corporation)
Windows App Runtime DDLM 3000.882.2207.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x6_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-08-07] (Microsoft Corporation)
Windows App Runtime DDLM 3000.882.2207.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x8_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-08-07] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{04271989-C4D2-4135-C564-1FD9BCC03C8A} -> [OneDrive - Educantabria] => C:\Users\David\OneDrive - Educantabria [2022-12-09 11:10]
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23061.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\David\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\David\Dropbox [2018-10-31 01:23]
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.11.184.1\mc-ctxmnu.dll [2023-08-07] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [PDFArchitect6_ManagerExt] -> {6508EEA0-C540-4420-AF21-64937A1536D0} => C:\Program Files\PDF Architect 6\context-menu.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFArchitect8_ManagerExt] -> {DDD1CFB8-3C9C-4269-B905-43CC309D569E} => C:\Program Files\PDF Architect 8\context-menu.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxDTCM.dll [2020-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.11.184.1\mc-ctxmnu.dll [2023-08-07] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2019-12-04 03:49 - 2019-12-04 03:49 - 000017920 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 003567616 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-02-26 05:05 - 2020-02-26 05:05 - 001518592 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2016-09-19 20:36 - 2016-09-19 20:36 - 002640896 _____ (Atheros Communications) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\DiagAPI.dll
2016-09-19 20:36 - 2016-09-19 20:36 - 000250880 _____ (Quacomm Atheros, Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\DCWlan.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\ipc.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\TCPConnection.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\utils.dll
2016-09-19 20:38 - 2016-09-19 20:38 - 000153600 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\en-US\AWiCDiag.dll.mui
2016-09-19 20:35 - 2016-09-19 20:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\ipc.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\TCPConnection.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\utils.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ipc.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\ipc.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\TCPConnection.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\utils.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\TCPConnection.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\utils.dll
2005-01-13 11:47 - 2005-01-13 11:47 - 000049152 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ESPSUTL.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000206336 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScnCom10.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000082944 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScnEps25.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000055808 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScnMgr10.dll
2011-11-25 18:47 - 2011-11-25 18:47 - 000110080 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2011-04-14 10:16 - 2011-04-14 10:16 - 000136704 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScanEngine30.dll
2019-02-18 19:39 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enppmon.dll
2019-02-18 19:39 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enpres.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000031744 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000039424 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000031744 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000413696 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000025088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000025088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000023552 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000519168 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 001431040 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 001180672 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000135680 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-02-26 04:13 - 2020-02-26 04:13 - 006010880 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 006345216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 001078272 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000313856 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 004000256 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 003802624 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000171008 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 001083904 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000205312 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000329728 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000113152 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000376320 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 092323328 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 005560832 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000463360 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000188416 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 002888704 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000053760 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000059392 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000017408 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000287232 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000329216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000136192 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000089088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000312320 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000017920 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-02-26 04:13 - 2020-02-26 04:13 - 000085504 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

Addition (parte 2)

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\David Lozano - Portafolio Prácticum AL.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Downloads\ChromeSetup (2).exe:MBAM.Zone.Identifier [406]
AlternateDataStreams: C:\Users\David\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\David\Downloads\MediaCreationTool22H2.exe:MBAM.Zone.Identifier [184]
AlternateDataStreams: C:\Users\David\Downloads\MSEInstall.exe:MBAM.Zone.Identifier [184]
AlternateDataStreams: C:\Users\David\Downloads\Vídeo día del libro Julia.mp4:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Documents\SEMANA 1 (prácticas AL).docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Documents\SEMANA 2 (prácticas AL).docx:com.dropbox.attrs [54]

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
BHO: PDF Architect 8 Helper -> {158C3474-46E4-49FB-9767-45B6B62BF2FF} -> C:\Program Files\PDF Architect 8\creator\plugins\IEAddin\creator-ie-helper.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
BHO: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: PDF Architect 8 Helper -> {158C3474-46E4-49FB-9767-45B6B62BF2FF} -> C:\Program Files (x86)\PDF Architect 8\creator\plugins\IEAddin\creator-ie-helper.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
Toolbar: HKLM - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Toolbar: HKLM - PDF Architect 8 Toolbar - {20DAE01A-E7B4-4499-8CB5-5939490F25A0} - C:\Program Files\PDF Architect 8\creator\plugins\IEAddin\creator-ie-plugin.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 8 Toolbar - {20DAE01A-E7B4-4499-8CB5-5939490F25A0} - C:\Program Files (x86)\PDF Architect 8\creator\plugins\IEAddin\creator-ie-plugin.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\line6.net -> line6.net
IE trusted site: HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\sharepoint.com -> hxxps://educantabria-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2016-07-16 13:47 - 2023-08-06 11:18 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-456901426-2367040865-2536711323-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\backgroundDefault.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: Dell Digital Delivery Services => 2
MSCONFIG\Services: DellClientManagementService => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: esifsvc => 2
MSCONFIG\Services: Focusrite Control Server => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NTKDaemonService => 2
MSCONFIG\Services: PaceLicenseDServices => 2
MSCONFIG\Services: PDF Architect 6 => 3
MSCONFIG\Services: PDF Architect 6 Creator => 2
MSCONFIG\Services: PDF Architect 6 Update Service => 2
MSCONFIG\Services: PDF Architect 8 => 3
MSCONFIG\Services: PDF Architect 8 Creator => 3
MSCONFIG\Services: Realtek87L => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SafeConnectService => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WavesSysSvc => 2

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{261DBF91-BDD2-48FB-AAD5-F33F8460A674}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AD7B6211-92D4-4026-9871-93B00DCBED8D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{82DCFCAE-A66F-4F33-9E0A-FC589D5825D2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97A5FCED-2F0D-42AB-9506-BEA277C3D1F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6E492E1-458F-4573-8CF5-ADC0FFBC9BDD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6F7F375-04F5-4A0B-9F95-418886908FC7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6C4AB28B-94D2-49C6-85F3-740081ABEF4E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5734C039-428F-4091-9C10-5E68DC629BFA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{BA5C7F63-5441-4D59-A99A-B4DFD5A48764}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{CBA89FB7-9692-4C9A-B8BC-492B1381751D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{58983AC0-601C-41EA-992E-5E54B88FF0CB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CE4951E4-3D8F-4F48-AAC3-4B6D219F1DEC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{89F352C3-AAB3-4107-A0F6-26662ED285CB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D3891B8-D2D9-4555-9166-36D6FB8EE8EF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B45080F9-6B42-49EF-A681-A82FB491B7C8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{072767D2-2103-4096-9187-192CD87ADE22}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{5F513007-CCF3-417E-B19F-510F54CA76D7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{853CF49B-FBD1-44B1-8702-E2666A4BEB1C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B55379C0-F647-4E65-BFCF-55CBF0E59C42}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{BF2B48B6-BF9B-46E4-B46F-54A068CA7A9B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7A49C836-C121-42E4-8C77-6C521A8BFADE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B1AF5D4D-2912-41F8-9889-71F3293848D6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{60392A20-E6DB-4DB0-92A0-2B8109C6714B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{058F0B1C-46BA-4416-93C6-B24F4942CF4C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F159EABD-1B82-404B-87F6-4AA621473A9A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9F207A1B-844B-4A99-81E4-71122E1319C8}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{59BF128E-7C7B-4010-B266-DF4F6EDEEDAC}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5C84F87C-FE44-47B1-AFC3-EA5F6D8AC680}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{ED4767CE-6C2E-4DAF-A300-9035DB4BA7B3}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9330EE2B-012A-4439-ACA2-35851203600B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Ningún archivo
FirewallRules: [{AD86CE3F-3164-4F59-91F3-AC395E7DD6F3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Ningún archivo
FirewallRules: [{99CE0C91-63AE-471B-BF52-337567C333E0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CCE650AB-7AD0-4091-9613-242FE3CA5FCE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E918BFBF-92E8-4A0F-9C47-493D5BA76BB3}] => (Allow) C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe (Focusrite Audio Engineering Ltd.) [Archivo no firmado]
FirewallRules: [{5D1163DD-CD2A-4FF9-A277-F3D1CDE92D25}] => (Allow) LPort=53
FirewallRules: [{E173F94D-5E66-4E77-A9B2-30D49BF22315}] => (Allow) LPort=1542
FirewallRules: [{16CEF79A-85CF-4E0D-B0D0-585350191575}] => (Allow) LPort=1542
FirewallRules: [{D7D534DF-D2D2-4766-AC31-DBE6199E8E33}] => (Allow) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Archivo no firmado]
FirewallRules: [{56040C8C-B7B4-46E3-B161-757062373297}] => (Allow) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Archivo no firmado]
FirewallRules: [{F422BCE0-EF09-4B7C-9436-07CD3ABD0406}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{9DFCD113-0851-4E1E-A202-D40CE62076C8}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{901315B2-5259-4D94-B732-DD022277B237}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{8194FC41-AFBC-434F-A9B4-5967D108537D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{2E1B09BA-8FA6-450F-A7D9-386E1D611FD0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41BA781B-1EA1-49AD-A615-0E0B396D115A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{625A9F40-520B-4872-A862-2668F44F0908}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5FCF399C-917D-4BB9-B5FF-89E6181D2ACD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1F36858C-9F7B-40DD-9471-06D75D1D48DD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{114BCCEB-8405-4AF6-895A-D32AB135F7BB}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{6C211ACA-E16D-46EE-A7CC-95A91804CF87}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{E6DAE4C4-CE29-4B1A-BD04-178F4877B2B1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{F4F91559-B9F3-4224-90AC-510472B55B90}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{B4030E73-0772-46C4-8833-9CDA03676263}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{A1F80FE7-479A-46EB-8AF4-42DE3C12C820}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F40026A9-E2DE-4271-B6C0-842EAD9BD618}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => Ningún archivo
FirewallRules: [{AD8BA9F2-1779-4DCE-AFB1-F32945BA8C6E}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe => Ningún archivo
FirewallRules: [{B6F48DC1-968A-4CBB-932D-D65E2E611A74}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe => Ningún archivo
FirewallRules: [{BB685763-EFD5-48E3-801F-B52D106DD6EB}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0669E336-67D6-41E8-B59F-1C8524D9FAB6}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0DCB722E-AD67-4DA7-8A6B-641CB8C90A36}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (08/08/2023 09:01:19 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: SafeConnect.Entry.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en SafeConnect.Core.APP.Utils.PolicyManager+<LoadPolicy>d__10.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<AppSettingsInitialization>d__29.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<OnStartup>d__27.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.DispatcherOperation.InvokeImpl()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Windows.Threading.DispatcherOperation.Invoke()
   en System.Windows.Threading.Dispatcher.ProcessQueue()
   en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   en System.Windows.Application.RunDispatcher(System.Object)
   en System.Windows.Application.RunInternal(System.Windows.Window)
   en <Module>.StartupRun()

Error: (08/07/2023 10:53:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: SafeConnect.Entry.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en SafeConnect.Core.APP.Utils.PolicyManager+<LoadPolicy>d__10.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<AppSettingsInitialization>d__29.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<OnStartup>d__27.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.DispatcherOperation.InvokeImpl()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Windows.Threading.DispatcherOperation.Invoke()
   en System.Windows.Threading.Dispatcher.ProcessQueue()
   en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   en System.Windows.Application.RunDispatcher(System.Object)
   en System.Windows.Application.RunInternal(System.Windows.Window)
   en <Module>.StartupRun()

Error: (08/07/2023 08:56:59 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (08/07/2023 02:05:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: SafeConnect.Entry.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en SafeConnect.Core.APP.Utils.PolicyManager+<LoadPolicy>d__10.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<AppSettingsInitialization>d__29.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<OnStartup>d__27.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.DispatcherOperation.InvokeImpl()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Windows.Threading.DispatcherOperation.Invoke()
   en System.Windows.Threading.Dispatcher.ProcessQueue()
   en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   en System.Windows.Application.RunDispatcher(System.Object)
   en System.Windows.Application.RunInternal(System.Windows.Window)
   en <Module>.StartupRun()

Error: (08/07/2023 11:31:44 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: SafeConnect.Entry.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en SafeConnect.Core.APP.Utils.PolicyManager+<LoadPolicy>d__10.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<AppSettingsInitialization>d__29.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<OnStartup>d__27.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.DispatcherOperation.InvokeImpl()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Windows.Threading.DispatcherOperation.Invoke()
   en System.Windows.Threading.Dispatcher.ProcessQueue()
   en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   en System.Windows.Application.RunDispatcher(System.Object)
   en System.Windows.Application.RunInternal(System.Windows.Window)
   en <Module>.StartupRun()

Error: (08/07/2023 11:27:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: sihost.exe, versión: 10.0.19041.746, marca de tiempo: 0x0ead4601
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.3155, marca de tiempo: 0xbf300201
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000012d8b2
Identificador del proceso con errores: 0xf1c
Hora de inicio de la aplicación con errores: 0x01d9c91167531299
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\sihost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 51d948bb-69f3-43af-a1ec-8a2cee8890b6
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/07/2023 11:27:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: sihost.exe, versión: 10.0.19041.746, marca de tiempo: 0x0ead4601
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.3155, marca de tiempo: 0xbf300201
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000012d8b2
Identificador del proceso con errores: 0x1d28
Hora de inicio de la aplicación con errores: 0x01d9c91165ee5f09
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\sihost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: facb49ab-c754-4877-984b-f51dbbc70370
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/07/2023 11:27:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: sihost.exe, versión: 10.0.19041.746, marca de tiempo: 0x0ead4601
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.3155, marca de tiempo: 0xbf300201
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000012d8b2
Identificador del proceso con errores: 0x2acc
Hora de inicio de la aplicación con errores: 0x01d9c91164880a65
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\sihost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: fc50de57-4189-45db-9619-a9022894711a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (08/08/2023 12:17:47 AM) (Source: volsnap) (EventID: 25) (User: )
Description: Se eliminaron las instantáneas del volumen C: porque el almacenamiento de instantáneas no se completó a tiempo. Considere reducir la carga de E/S en el sistema o elija un volumen de almacenamiento de instantáneas del que no se esté haciendo una instantánea.

Error: (08/07/2023 10:53:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio mc-fw-host.

Error: (08/07/2023 02:03:08 PM) (Source: DCOM) (EventID: 10000) (User: WINDELL-14BP45B)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"2147942767"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (08/07/2023 01:50:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (08/07/2023 01:50:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AtherosSvc se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (08/07/2023 01:50:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Waves Audio Services se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (08/07/2023 01:50:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (08/07/2023 01:50:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio SAS Core Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.


CodeIntegrity:
===============
Date: 2023-08-08 09:07:52
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\WPS\1.11.184.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements.

Date: 2023-08-08 09:07:38
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\WPS\1.11.184.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: Dell Inc. 1.2.8 05/22/2019
Placa base: Dell Inc. 05VRRG
Procesador: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
Porcentaje de memoria en uso: 32%
RAM física total: 16282.63 MB
RAM física disponible: 10924.77 MB
Virtual total: 19866.63 MB
Virtual disponible: 13693.59 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:237.03 GB) (Free:30.3 GB) (Model: SanDisk X400 2.5 7MM 256GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:0.61 GB) (Model: SanDisk X400 2.5 7MM 256GB) FAT32

\\?\Volume{90f9eb0c-405f-4d71-a3e3-654cb83357d6}\ (WinRE) (Fixed) (Total:0.39 GB) (Free:0.38 GB) NTFS
\\?\Volume{6d2271ac-5bc7-4adf-91a7-ff6d798a283f}\ () (Fixed) (Total:0.83 GB) (Free:0.27 GB) NTFS
\\?\Volume{b27b9f3f-ebb0-4f97-bd09-77138d8fb90e}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

Nadie me puede ayudar?

Creo que voy a tener que formatear el ordenador…

Hola buenas @Davidian, bienvenido foro. Al ser nuevo te recomiendo que te leas las políticas de este. No porque hayas hecho nada mal, sino para saber más acerca del funcionamiento de este.

He revisado muy rápidamente tus logs así a ojo y más menos ya tengo localizados los puntos donde se aloja y carga el malware en tu sistema. He visto que has intentado usar DTKILL, buen intento, pero… a esta versión que tienes del malware no lo podrás eliminar de esta forma.

Armar el script entero al 100 x 100 de mi parte requiere algo de tiempo… Dime:

¿Sigues necesitando ayuda acerca del problema qué comentaste inicialmente en este tema? Si es así te armo el Script.

Si es así, dímelo y atenderé tu caso.

Salu2.

Muy buenas Marr0n. Efectivamente sigo necesitando ayuda. El tiempo que te lleve no te precupes. Muchas gracias por ayudarme!!

Hago un ‘up’ del tema que sigo necesitando ayuda

Muy buenas, Sigo necesitando ayuda con este tema por favor. Si no, no encuentro mas remedio que formatear el ordenador…

Hola buenas @Davidian en primer lugar mis disculpas en que haya tardado tanto en responder. Pues recientemente tuve que someterme a una compleja cirugía médica y esto me ha dejado K.O. durante un mes y algo.

Ok. De nada.

OK.

Vamos allá.

Como los logs que has puesto de FRST ya tienen bastante tiempo y no me pude dedicar a ello por lo que te he dicho… pondrás logs nuevos de FRST. Pues necesito logs de FRST lo más frescos posible para afrontar con éxito la eliminación de malware de tu máquina. Ya que si son antiguos es como “tener una foto” de las entrañas de tu máquina de hace varios meses y lo que necesito es una foto de las entrañas de tu máquina, pero que esta sea la más actual posible. Espero que se haya entendido este “simil”.

[color=#2271b3] EN BUSCA / ELIMINACIÓN DE MALWARE [/color]

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

[color=#ff00]LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE[/color] (y no en otro sitio).

Descargas Farbar Recovery Scan Tool [color=#ff00]MUY IMPORTANTE[/color] >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Farbar Recovery Scan Tool

1. Ejecutas el FRST.exe[size=2] (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).[/size]

2. Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.

3. En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.

4. Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

[color=#ff00]Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.[/color] [color=#ff00]También conectas nuevamente tu equipo a Internet.[/color]

[color=#2271b3] PRÓXIMA RESPUESTA[/color]

Pegas los reportes de FRST.txt y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

[color=#ff0000]Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:[/color]

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

La salud es lo primero.

Faltaria mas, te estoy infinitamente agradecido de que me ayudes con esto!

Ahi van los logs actualizados siguiendo tus instrucciones:

FRST (parte 1)

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 06-08-2023
Ejecutado por David (administrador) sobre WINDELL-14BP45B (Dell Inc. Inspiron 5567) (02-11-2023 22:01:12)
Ejecutado desde C:\Users\David\Desktop\FRST64 (1).exe
Perfiles cargados: David
Plataforma: Microsoft Windows 10 Home Versión 22H2 19045.3570 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\AWiCMgr.exe ->) (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\AWiCDiag.exe
(C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\Wcct.exe ->) () [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\SocketServer.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\83.0.2.0\crashpad_handler.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atieclxx.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(Elcomsoft s.r.o. -> Elcomsoft) C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater.exe
(explorer.exe ->) (Focusrite Audio Engineering, Ltd.) [Archivo no firmado] C:\Program Files\FocusriteUSB\Focusrite Notifier.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Qualcomm Atheros Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\AWiCMgr.exe
(explorer.exe ->) (Qualcomm Atheros Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\Wcct.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIKE.EXE
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atiesrxx.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHeciSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.12.340.1\mc-fw-host.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC.) C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 9\activation-service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2342.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.12.340.1\neo\core\mc-neo-host.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_4000.986.611.0_x64__8wekyb3d8bbwe\PushNotificationsLongRunningTask.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [127480 2017-11-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AWiCMgr] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\AWiC\AWiCMgr.exe [185856 2016-09-19] (Qualcomm Atheros Inc.) [Archivo no firmado]
HKLM\...\Run: [AWiCDiag] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\AWiCDiag.exe [3067904 2016-09-19] (Qualcomm Atheros, Inc.) [Archivo no firmado]
HKLM\...\Run: [wcct] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\wcct.exe [1076224 2016-09-19] (Qualcomm Atheros Inc.) [Archivo no firmado]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\FocusriteUSB\Focusrite Notifier.exe [3949568 2019-08-02] (Focusrite Audio Engineering, Ltd.) [Archivo no firmado]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11561184 2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-10-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-10-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-10-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-10-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [SafeConnect] => C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.Entry.exe [161440 2022-09-22] (McAfee, LLC -> McAfee, LLC.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [Spotify] => C:\Users\David\AppData\Roaming\Spotify\Spotify.exe [19970464 2022-07-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [MicrosoftEdgeAutoLaunch_32628329D6ABECAB6CD57130DDFBAC4F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4187176 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-10-30] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON XP-302 303 305 306 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMIKE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [Archivo no firmado]
HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.11.0.7.dll [960120 2023-08-10] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.105\Installer\chrmstp.exe [2023-11-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk [2019-03-11]
ShortcutTarget: RT-Updater.lnk -> C:\Ross-Tech\VCDS\VCDS.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {4DEC7650-310B-4175-A5E1-65E4706611EB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {9B72AB73-C3DD-4CEA-ABD9-81396CF0D582} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {375A3051-AC4D-48A0-8F6D-E494ABB0B2A9} - System32\Tasks\Elcomsoft\Elcomsoft Updater Autostart => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {C179BDA7-4F8F-4F8C-B9B6-6EACA810AC9B} - System32\Tasks\Elcomsoft\Elcomsoft Updater Show => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {FD0BCE2D-A343-4150-8896-C1FBAEABB11A} - System32\Tasks\Elcomsoft\Elcomsoft Updater Terminate => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {A8A04081-6517-453B-86BE-DFCB60D20F43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-27] (Google Inc -> Google Inc.)
Task: {74F38714-DCA9-482E-AD4C-62E991D81601} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-27] (Google Inc -> Google Inc.)
Task: {61F0CB90-7B18-475F-900C-D52C69145F45} - System32\Tasks\McAfee OEM Subscription job => \\?\C:\Program Files\McAfee\WPS\SubscriptionJob\mc-oem-subjob.exe [2039744 2023-10-10] (McAfee, LLC -> McAfee, LLC)
Task: {6B7FB4D7-FF86-42DE-95AA-BA7D0B6DA373} - System32\Tasks\McAfee\WPS\amwebapitriggertask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {E26992C3-F38B-49E7-8025-28C01A167D4B} - System32\Tasks\McAfee\WPS\AntiTrackerTask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {B24E2714-8828-4642-B533-6E691CB60DD4} - System32\Tasks\McAfee\WPS\DAD.WPS.Execute.Updates => C:\Program Files\McAfee\wps\1.12.340.1\dad\mc-dad.exe [4382672 2023-10-29] (McAfee, LLC -> McAfee, LLC)
Task: {6573C1DE-451F-4456-BD92-52F3F1115C49} - System32\Tasks\McAfee\WPS\datupdatetask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {7C2DA73D-CA86-4630-9C88-72D82E861748} - System32\Tasks\McAfee\WPS\McAfee Sustainability => C:\Program Files\McAfee\wps\1.12.340.1\sustainability\mc-sustainability.exe [965936 2023-10-29] (McAfee, LLC -> McAfee, LLC)
Task: {E5BE8FBC-EAD2-4414-BBA2-0C3849C1E031} - System32\Tasks\McAfee\WPS\mcpcoscanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {5C90FF2F-416B-47F4-AA82-BEF0192C92DC} - System32\Tasks\McAfee\WPS\NGMCadence => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {3D9A98F9-DEDC-4644-AA72-77CEFF98A852} - System32\Tasks\McAfee\WPS\odsscheduledtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {68E61721-815B-4DE1-9A50-1195FB66DA8D} - System32\Tasks\McAfee\WPS\systemrebootedtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {FCFAB777-EC0A-4EC2-A79C-DCFDA168E66E} - System32\Tasks\McAfee\WPS\tracker_remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {46F98F2B-0E43-40A2-A329-9EA31407FCC9} - System32\Tasks\McAfee\WPS\Update => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2}
Task: {A47A544C-A37A-471F-B87B-D6E080AAA357} - System32\Tasks\McAfee\WPS\WPSPush => \\?\C:\Program Files\McAfee\WPS\1.12.340.1\mc-wns-client\mc-wns-client.exe [831024 2023-10-29] (McAfee, LLC -> )
Task: {BFE8B735-17C8-4B09-B28D-8DBF8627DD0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-10-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B11E06B-C696-4994-983A-BB76318B3B4D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-10-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {208B866C-DF4F-4656-B26D-29DC23910074} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305088 2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {280DE1E6-E9F1-4CE8-8BB8-4137E76FF1FE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305088 2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {55AC48D4-E70C-4343-81D3-F7C42C1FD830} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {0FC98D76-9EC0-4A3A-B1B5-E8A391DCAF84} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {0FC98D76-9EC0-4A3A-B1B5-E8A391DCAF84} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {0FC98D76-9EC0-4A3A-B1B5-E8A391DCAF84} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {53729C35-7838-432C-A2AB-098B72D1A37B} - System32\Tasks\Microsoft\Windows\Chkdsk\CNHe-tiering-events => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58864 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) -> C:\PROGRA~2\GENERI~1\XXIVER~1\DEVROM~1.DLL /nologo /unregister
Task: {749ACC8F-FCB4-4F15-8E70-466F61CAAD16} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {5266DA90-664A-4EA3-B7DF-B4777F0FB2DA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {C76C388F-5A28-4D95-A509-660D64CBA67A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {D9655014-B06C-40AF-8F27-24E5A1474C7F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {D96087E0-3CA6-4F63-8B72-A792C8391912} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-10-14] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {932EE97C-809D-4928-9999-8895C7405A90} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-10-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {3B46CC74-800C-4D2E-B288-7D2E34EC83B9} - System32\Tasks\PCDDataUploadTask => "uaclauncher.exe"  -lloc dataupload --ignoresecondarysplash --runsilently --skipidlewait (Ningún archivo)
Task: {D98EB1F6-1635-4C0D-9549-DC3EBA8808CB} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2149312 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
Task: {A44EBDAE-885D-4CF2-814A-4AAF59E96488} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2149312 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
Task: {217E8F66-F057-4918-877D-E00253AB7DDB} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3438528 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
Task: {85D642D5-C976-4C38-B87A-DA42BE974606} - System32\Tasks\Remove AdwCleaner Application => C:\WINDOWS\system32\CMD.EXE [289792 2023-10-11] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "C:\Users\David\Desktop\adwcleaner.exe"
Task: {B2CD7D28-DDC7-4E39-BE7A-C2D549F67969} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3DB109C4-2467-4132-8551-74F2DF5639A6} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {EA2424B0-7DEA-48E5-8534-5EFFF0ABFE88} - System32\Tasks\SystemToolsDailyTest => "uaclauncher.exe"  -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently (Ningún archivo)
Task: {AFA0C759-8175-460B-9096-506623E4C5F2} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\David\Desktop\adwcleaner.exe  /uninstall (Ningún archivo)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.230.135.1 212.230.135.2
Tcpip\..\Interfaces\{05e87645-38d1-4a02-a165-b33cde195eca}: [DhcpNameServer] 172.18.11.1
Tcpip\..\Interfaces\{1c7d2606-8467-4a09-9b67-7eac93f909b4}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{8b17c222-ffb7-4986-b87f-5b2d6b8264b5}: [DhcpNameServer] 212.230.135.1 212.230.135.2
Tcpip\..\Interfaces\{b5b2aaf8-675d-4116-89b9-662e8a27c158}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ca8dd785-5e42-46fe-8fe0-479d65022cae}: [DhcpNameServer] 62.81.16.213 62.81.16.148
Tcpip\..\Interfaces\{d6a5bca9-e8ee-4d3b-9975-e4a47de3a098}: [DhcpNameServer] 62.81.16.213 62.81.16.148

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-02]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-19]
Edge Extension: (Edge relevant text changes) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-19]

FireFox:
========
FF DefaultProfile: llolf8er.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\llolf8er.default [2023-08-06]
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mavro3k7.default-release-1695203406618 [2023-10-31]
FF user.js: detected! => C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mavro3k7.default-release-1695203406618\user.js [2023-09-20]
FF HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\David\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-456901426-2367040865-2536711323-1001: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\David\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2023-11-02]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-10-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (Menú de aplicaciones de Drive (de Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Ace Script) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2023-10-04]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-06]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old [2023-08-07] <==== ATENCIÓN
CHR Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-08-03]
CHR Extension: (Google Docs Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-03]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-03]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-08-07]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\System Profile [2023-09-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-456901426-2367040865-2536711323-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-456901426-2367040865-2536711323-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo]
CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe]

Brave: 
=======
BRA Profile: C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-08-07]
BRA Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-05-30]
BRA Extension: (SearchPreview) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2021-05-30]
BRA Extension: (Loom for Chrome) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2021-06-06]
BRA Extension: (Menú de aplicaciones de Drive (de Google)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-30]
BRA Extension: (Ace Script) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2021-05-30]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-05-30]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-06-07]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-05-30]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-06-06]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\pdecoifadfkklajdlmndjpkhabpklldh [2021-06-07]

FRST (parte 2)

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12876472 2023-10-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
S4 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [38048 2019-03-15] (Dell Inc -> )
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S4 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1534976 2020-01-08] (Focusrite Audio Engineering Ltd.) [Archivo no firmado]
R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.12.340.1\mc-fw-host.exe [2319248 2023-10-29] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\wps\1.12.340.1\mc-update.exe [5081016 2023-10-29] (McAfee, LLC -> McAfee, LLC)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [871752 2023-07-30] (McAfee, LLC -> McAfee, LLC)
S4 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.5.107.0\\McCSPServiceHost.exe [3384472 ] (McAfee, LLC -> McAfee, LLC)
S4 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [16847584 2023-05-17] (Native Instruments GmbH -> Native Instruments GmbH)
R3 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3108288 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [507328 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [414656 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
S4 Realtek87L; C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [36864 2009-07-10] (Realtek) [Archivo no firmado]
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SafeConnectService; C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe [32144 2022-09-22] (McAfee, LLC -> McAfee, LLC.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [17845048 2023-07-31] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 DellClientManagementService; "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe" [X]
S4 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2023-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [97480 2016-11-16] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUSB; C:\WINDOWS\System32\drivers\FocusriteUSB.sys [122088 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [101512 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUSB_AUDIO; C:\WINDOWS\system32\drivers\FocusriteUSBAudio.sys [63408 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUSB_MIDI; C:\WINDOWS\system32\drivers\FocusriteUSBMidi.sys [50000 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S0 mfeelam; C:\WINDOWS\System32\DRIVERS\mfeelam.sys [18528 2023-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\WINDOWS\System32\DRIVERS\mfesec.sys [84320 2023-10-29] (McAfee, LLC -> McAfee, LLC)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RT-USB; C:\WINDOWS\system32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
S3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2020-02-05] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-11-02 22:01 - 2023-11-02 22:01 - 000039547 _____ C:\Users\David\Desktop\FRST.txt
2023-11-02 21:30 - 2023-11-02 21:30 - 000000000 ____D C:\Users\David\Desktop\Analisis Foro Spyware
2023-11-02 15:54 - 2023-11-02 15:54 - 000314204 _____ C:\Users\David\Downloads\MODELO CAMBIO DOMICILIO .pdf
2023-11-02 12:39 - 2023-11-02 12:39 - 000060451 _____ C:\Users\David\Downloads\Nomina octubre 2023.pdf
2023-11-02 09:29 - 2023-11-02 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-11-01 19:06 - 2023-11-01 19:06 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-10-31 12:19 - 2023-10-31 12:19 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-10-26 13:38 - 2023-10-26 13:38 - 000008594 _____ C:\Users\David\Downloads\images.jpeg
2023-10-24 18:25 - 2023-10-24 18:25 - 000000000 ___HD C:\OneDriveTemp
2023-10-15 14:17 - 2023-10-15 14:21 - 604753384 ____R C:\Users\David\Downloads\Bronca - Temporada 1Cap1.mkv
2023-10-14 21:59 - 2023-10-14 22:00 - 000000000 ____D C:\Users\David\Downloads\Lamb of God - 2022 - Omens (24bit-48kHz)
2023-10-13 09:10 - 2023-10-13 09:10 - 000477301 _____ C:\Users\David\Downloads\SusEntradas.pdf
2023-10-12 13:16 - 2023-10-12 13:16 - 000000000 ____D C:\Users\David\AppData\Local\Backup
2023-10-12 13:11 - 2023-10-12 13:11 - 000000000 ____D C:\ProgramData\PLUG
2023-10-11 07:57 - 2023-10-11 07:57 - 000016059 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-10-11 07:49 - 2023-10-11 07:49 - 000000000 ___HD C:\$WinREAgent
2023-10-06 14:57 - 2023-10-06 14:54 - 000021786 ____T C:\Users\David\Downloads\RBM Nota informativa.pdf
2023-10-06 08:48 - 2023-10-11 07:55 - 000000000 ____D C:\Users\David\Downloads\GiBiDi pass 800
2023-10-03 19:00 - 2023-10-03 19:00 - 000265162 _____ C:\Users\David\Downloads\altaCliente3536089536672109230[8757].pdf

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-11-02 22:01 - 2023-08-07 10:42 - 000000000 ____D C:\FRST
2023-11-02 21:59 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-02 21:53 - 2023-08-06 16:34 - 000004088 _____ C:\WINDOWS\system32\Tasks\McAfee OEM Subscription job
2023-11-02 21:50 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-11-02 21:27 - 2023-05-05 13:27 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-02 21:27 - 2018-04-27 19:07 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-02 21:24 - 2019-12-07 15:56 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-11-02 21:24 - 2018-10-31 00:21 - 000000000 ____D C:\Users\David\AppData\Roaming\Dropbox
2023-11-02 21:24 - 2018-10-31 00:10 - 000000000 ____D C:\Users\David\AppData\Local\Dropbox
2023-11-02 21:23 - 2022-12-09 10:10 - 000000000 ___RD C:\Users\David\OneDrive - Educantabria
2023-11-02 21:23 - 2021-08-16 14:14 - 000000000 ____D C:\Users\David\AppData\Roaming\Spotify
2023-11-02 21:23 - 2020-02-29 11:32 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-11-02 21:23 - 2018-04-27 19:04 - 000000000 ___RD C:\Users\David\OneDrive
2023-11-02 21:23 - 2018-04-27 19:02 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles
2023-11-02 21:23 - 2018-04-27 19:02 - 000000000 ___SD C:\Users\David\AppData\Roaming\Microsoft\Credentials
2023-11-02 16:01 - 2023-08-10 10:34 - 000000000 ____D C:\Users\David\AppData\Roaming\PDF Architect 9
2023-11-02 15:49 - 2023-08-06 16:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-02 09:29 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-02 09:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-02 09:29 - 2018-10-31 00:10 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-11-01 22:33 - 2018-10-16 22:10 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Office
2023-11-01 20:07 - 2018-10-16 22:10 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Word
2023-11-01 19:05 - 2018-10-16 22:07 - 000000000 ____D C:\Program Files\Microsoft Office
2023-11-01 19:01 - 2023-08-04 13:18 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-01 19:01 - 2023-08-04 13:18 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-10-31 11:37 - 2018-09-08 00:05 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2023-10-31 00:29 - 2018-05-22 00:11 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2023-10-30 15:54 - 2021-09-25 10:06 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-10-30 15:54 - 2021-09-25 10:06 - 000002015 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-10-30 15:54 - 2021-09-25 10:06 - 000002015 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-10-30 15:54 - 2021-09-25 10:06 - 000002003 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-10-30 15:54 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-30 10:52 - 2020-06-18 09:47 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-29 11:22 - 2018-06-24 17:14 - 000000000 ____D C:\ProgramData\Packages
2023-10-29 11:21 - 2023-04-18 19:34 - 000084320 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfesec.sys
2023-10-29 11:21 - 2023-04-18 19:34 - 000018528 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeelam.sys
2023-10-28 09:02 - 2023-08-06 16:31 - 001772862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-28 09:02 - 2019-12-07 15:55 - 000790938 _____ C:\WINDOWS\system32\perfh00A.dat
2023-10-28 09:02 - 2019-12-07 15:55 - 000156274 _____ C:\WINDOWS\system32\perfc00A.dat
2023-10-28 08:57 - 2023-08-06 16:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-28 08:57 - 2021-03-21 09:16 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-28 08:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-10-28 08:57 - 2018-04-18 18:06 - 000000000 ____D C:\Intel
2023-10-27 22:51 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-10-27 22:50 - 2022-08-15 12:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-10-27 22:50 - 2021-05-30 22:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-10-27 20:36 - 2023-08-06 16:34 - 000003706 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-27 20:36 - 2023-08-06 16:34 - 000003582 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-27 11:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-27 11:03 - 2022-11-09 10:27 - 000000000 ____D C:\Users\David\Desktop\Ana
2023-10-23 20:30 - 2023-08-06 16:34 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-456901426-2367040865-2536711323-1001
2023-10-23 20:30 - 2023-08-06 16:34 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-456901426-2367040865-2536711323-1001
2023-10-23 20:30 - 2023-08-06 16:24 - 000002420 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-19 11:47 - 2021-02-10 11:54 - 000000000 ____D C:\Sustituciones
2023-10-19 10:11 - 2021-03-29 16:47 - 000000000 ____D C:\Facturas
2023-10-15 22:32 - 2018-10-05 10:15 - 000000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2023-10-15 14:01 - 2019-04-09 11:54 - 000000000 ____D C:\Users\David\AppData\Local\BitTorrentHelper
2023-10-15 10:59 - 2018-10-04 11:26 - 000000000 ____D C:\Users\David\AppData\Roaming\Mp3tag
2023-10-14 21:42 - 2018-07-15 22:56 - 000000000 ____D C:\Torrents
2023-10-14 20:42 - 2023-09-20 10:50 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-10-14 20:42 - 2022-02-10 11:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-12 13:09 - 2022-02-16 18:57 - 000000000 ____D C:\Program Files\RUXIM
2023-10-12 13:09 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-12 13:09 - 2016-10-26 15:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-10-11 14:45 - 2023-08-06 16:22 - 005114192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-11 14:43 - 2019-12-07 15:57 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-11 14:43 - 2019-12-07 15:57 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-11 14:43 - 2019-12-07 15:55 - 000000000 ____D C:\WINDOWS\SysWOW64\es
2023-10-11 14:43 - 2019-12-07 15:55 - 000000000 ____D C:\WINDOWS\system32\es
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-11 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-11 14:43 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-10-11 08:04 - 2019-12-07 15:57 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-10-11 08:04 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-10-11 08:04 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-10-11 07:56 - 2023-08-06 16:25 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-11 07:47 - 2018-04-27 19:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-11 07:40 - 2018-04-27 19:40 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-10-10 23:24 - 2020-04-07 19:20 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Teams
2023-10-03 08:49 - 2018-10-31 00:10 - 000001022 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2023-10-03 08:49 - 2018-10-31 00:10 - 000001018 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

==================== Archivos en la raíz de algunos directorios ========

2020-10-29 19:00 - 2020-10-29 19:00 - 000000008 __RSH () C:\ProgramData\sysqcl1131236454.dat
2023-05-16 19:02 - 2023-09-22 19:51 - 000000048 _____ () C:\Users\David\AppData\Roaming\msregsvv.dll
2023-06-01 17:05 - 2023-06-01 17:18 - 000000132 _____ () C:\Users\David\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2019-02-10 19:29 - 2015-09-18 15:13 - 000937776 _____ (AutoIt Team) C:\Users\David\AppData\Roaming\wscript.exe
2019-01-14 12:15 - 2019-01-14 12:17 - 000534528 _____ (Dirección General de la Policía) C:\Users\David\AppData\Local\DNIeService.exe

==================== FLock ==============================

2018-05-21 22:32 C:\WINDOWS\UpdateAssistant

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Additio (parte 1)

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-08-2023
Ejecutado por David (02-11-2023 22:02:45)
Ejecutado desde C:\Users\David\Desktop
Microsoft Windows 10 Home Versión 22H2 19045.3570 (X64) (2023-08-06 15:34:42)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-456901426-2367040865-2536711323-500 - Administrator - Disabled)
David (S-1-5-21-456901426-2367040865-2536711323-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-456901426-2367040865-2536711323-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-456901426-2367040865-2536711323-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-456901426-2367040865-2536711323-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-456901426-2367040865-2536711323-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: McAfee (Disabled - Up to date) {17E6E93C-6841-5FC7-DEB8-480FDC929279}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {2624E002-54CC-27F9-FD39-B2DD14D41191}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee (Disabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\uTorrent) (Version: 3.6.0.46902 - BitTorrent Inc.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{FE241076-B49A-4129-9DFD-08394BE497D7}) (Version: 4.54.110.4540 - Elcomsoft Co. Ltd.)
AMD Install Manager (HKLM\...\{8166070C-BAAC-6140-4F9D-D8DB556BA6C6}) (Version: 9.0.000.6 - Advanced Micro Devices, Inc.) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.6 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2020.0226.0415.7659 - Advanced Micro Devices, Inc.)
Amped - Roots version 1.2.2 (HKLM\...\Amped - Roots_is1) (Version: 1.2.2 - )
Aplicaciones de Microsoft 365 para empresas - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.16924.20124 - Microsoft Corporation)
Apple Application Support (32 bits) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Archetype Nolly (HKLM\...\{923A067F-9829-4DC4-AEF5-86E1DE61201B}) (Version: 2.0.0 - Neural DSP)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22402 - Microsoft Corporation)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.8.2 - Gobierno de España)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Custom Shop 2.0.0 (HKLM\...\5b86c39c-6f2f-52a0-a1b0-9b9fc743254c) (Version: 2.0.0 - IK Multimedia)
Custom Shop version 1.8.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.8.0 - IK Multimedia)
Custom Shop version 2.0.0 (64-bit) (HKLM\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 2.0.0 - IK Multimedia)
Dell Digital Delivery Services (HKLM-x32\...\{4E63542A-F61E-4A6C-9732-13F3425C1758}) (Version: 4.0.34.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{AAB336F0-6FC6-4BFE-AD7E-315FCDF20156}) (Version: 1.1.3750 - Screenovate Technologies Ltd.)
Dell Update for Windows Universal (HKLM\...\{B5318AB2-185E-408A-8ABE-0EDA416E92DB}) (Version: 4.9.0 - Dell Inc.)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dropbox (HKLM-x32\...\Dropbox) (Version: 186.4.6207 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.817.1 - Dropbox, Inc.) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.11.9.2259 - Steinberg Media Technologies GmbH)
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
Epson Manual de red EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-302 303 305 306 Series Printer Uninstall (HKLM\...\EPSON XP-302 303 305 306 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
FabFilter Total Bundle (HKLM\...\FabFilter Total Bundle_is1) (Version: 2020.6 - FabFilter & Team V.R)
Fazertone Overdrive Essentials 1.0.0 (HKLM\...\Fazertone Overdrive Essentials 1.0.0_is1) (Version: 1.0.0 - Fazertone)
Focusrite Control 3.5.0.1754 (HKLM\...\Focusrite Control_is1) (Version: 3.5.0.1754 - Focusrite Audio Engineering Ltd.)
Focusrite Thunderbolt 4.25.0.335 (HKLM\...\Focusrite Thunderbolt_is1) (Version: 4.25.0.335 - Focusrite Audio Engineering Ltd.)
Focusrite USB 4.63.24.564 (HKLM\...\Focusrite USB_is1) (Version: 4.63.24.564 - Focusrite Audio Engineering, Ltd.)
Fortin Nameless Suite (HKLM\...\{45AD9FBA-8E6B-4F7E-880D-A7C1F40A3796}) (Version: 3.0.1 - Neural DSP)
fre:ac v1.1.7 (HKLM\...\fre:ac v1.1.7) (Version: 1.1.7 - )
Freemake Audio Converter versión 1.1.9 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 119.0.6045.105 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 83.0.2.0 - Google LLC)
IK Multimedia AmpliTube 5 (HKLM\...\AmpliTube 5_is1) (Version: 5.5.3 - IK Multimedia)
IK Multimedia Authorization Manager version 1.0.19 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.19 - IK Multimedia)
IK Product Manager (HKLM\...\a401809f-3509-5ed7-a6dc-34dc618bf372) (Version: 1.0.6 - IK Multimedia)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{09DAB6B6-FBEF-4AC5-AE93-BFF01A0B796D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B557A9A1-D64B-43D7-B598-F7BAAE897CF3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3479FCE3-F7D2-4980-819A-767941440932}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{EBE12EC7-60DF-41C2-AAC8-0B2586F15C96}) (Version: 15.2.0.1020 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{FBC819D6-78B6-49AB-931E-3D127D43BE64}) (Version: 30.100.1725.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Manual de funcionamiento básico EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Bog) (Version:  - )
Manual de usuario EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Useg) (Version:  - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
McAfee (HKLM\...\McAfee.WPS) (Version: 1.12.340.1 - McAfee, LLC)
McAfee Safe Connect (HKLM-x32\...\{82D8F05E-9F97-415F-8622-C65C6759EFC6}) (Version: 2.16 - McAfee, LLC.) Hidden
McAfee Safe Connect (HKLM-x32\...\{a6cf057b-0e6f-4367-9afe-6aeb5a6ca5a5}) (Version: 2.16 - McAfee, LLC.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 118.0.2088.76 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\OneDriveSetup.exe) (Version: 23.209.1008.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Teams) (Version: 1.6.00.6754 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B81577B2-3AD0-4AFD-A19C-87F673C09D0C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{62678770-F459-4903-83E3-A2968F6CC242}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
MIKKO (HKLM\...\{9777DB55-E2DB-4F00-9B32-4854642EAF51}) (Version: 1.2.0 - ML Sound Lab)
MIKKO2 (HKLM\...\{C8D0C8DE-D768-4F18-92B3-03CC23F21CF2}) (Version: 2.0.8 - ML Sound Lab)
Miroslav Philharmonik 2 version 2.0.5 (HKLM\...\{CF8EE134-AD62-4D47-81A5-A42CAE3B1710}_is1) (Version: 2.0.5 - IK Multimedia)
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 118.0.2 (x64 es-ES)) (Version: 118.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 117.0.1 - Mozilla)
Mp3tag v3.17 (HKLM\...\Mp3tag) (Version: 3.17 - Florian Heidenreich)
Native Access 3.4.0 (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.4.0 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.2.8 - Native Instruments)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.7.1.0 - Native Instruments)
Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.12.0.0 - Native Instruments)
Neural DSP Archetype Cory Wong (HKLM\...\Archetype Cory Wong_is1) (Version: 1.0.0 - Neural DSP)
Neural DSP Archetype Gojira (HKLM\...\Archetype Gojira_is1) (Version: 1.0.0 - Neural DSP)
Neural DSP Archetype Nolly (HKLM\...\Archetype Nolly_is1) (Version: 2.0.0 - Neural DSP)
Neural DSP OMEGA Ampworks Granophyre (HKLM\...\OMEGA Ampworks Granophyre_is1) (Version: 1.0.0 - Neural DSP)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.3 - OBS Project)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20078 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.16924.20088 - Microsoft Corporation) Hidden
PACE License Support Win64 (HKLM\...\{CDDC4CA3-FBF0-46c3-8EB1-B001EA7FDA55}) (Version: 5.2.1.3096 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{CDDC4CA3-FBF0-46c3-8EB1-B001EA7FDA55}) (Version: 5.2.1.3096 - PACE Anti-Piracy, Inc.)
Paquete de controladores de Windows - Ross-Tech HIDClass  (02/13/2014 6.3.0.2) (HKLM\...\5E356C0921BECEC7743BAC21F6B7A5775044AFC0) (Version: 02/13/2014 6.3.0.2 - Ross-Tech)
Paquete de controladores de Windows - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech)
Parallax (HKLM\...\{F65DF0A2-68AA-41DA-82C0-93E762A2D170}) (Version: 2.0.1 - Neural DSP)
PDF Architect 9 Edit Module (HKLM\...\{5D43F07B-8833-42E3-8D0D-A5FAA059B09F}) (Version: 9.0.34.19788 - pdfforge GmbH)
PDF Architect 9 OCR Module (HKLM\...\{2C09A4B9-9DD5-4752-9DC7-7DE300534063}) (Version: 9.0.34.19788 - pdfforge GmbH)
PDF Architect 9 OCR TESS Module (HKLM\...\{378BE1DE-E479-48F0-8071-7A9B0FD75F16}) (Version: 9.0.34.19788 - pdfforge GmbH)
PDF Architect 9 View Module (HKLM\...\{00D64031-3C37-4373-8328-024E9306525B}) (Version: 9.0.34.19788 - pdfforge GmbH)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Picto-Selector 1.8 (HKLM-x32\...\{8032E8DE-1764-4F00-B19E-EF2DBBDB649B}_is1) (Version:  - M.C. van der Kooij)
Pixillion, convertidor de archivos de imagen (HKLM-x32\...\Pixillion) (Version: 10.20 - NCH Software)
Plugin Boutique Scaler 2 (HKLM\...\Scaler 2_is1) (Version: 2.0.6 - Plugin Boutique)
Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
Pulse Application Launcher (HKLM-x32\...\{A06B0A43-5108-43AE-9C97-4D73AE1A0F78}) (Version: 9.0.1151 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Pulse_Setup_Client) (Version: 9.0.2.1151 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10480 - Qualcomm)
Qualcomm Unified Wireless Suite (HKLM-x32\...\{6CFE6F33-3D69-4B9C-AA20-FF1F8CB064D5}) (Version: 11.0.0.10394 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.50.511.2021 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11213 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0125 - REALTEK Semiconductor Corp.)
REAPER (HKLM-x32\...\REAPER) (Version:  - )
REAPER (x64) (HKLM\...\REAPER) (Version: 6.79 - Cockos Incorporated)
SampleTank 4 version 4.2.3 (HKLM\...\{71D307CB-6BCF-4AB8-9365-CAEFFC150B5E}_is1) (Version: 4.2.3 - IK Multimedia)
Sigma version 1.0.2 (HKLM\...\Sigma_is1) (Version: 1.0.2 - )
Skype versión 8.100 (HKLM-x32\...\Skype_is1) (Version: 8.100 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks)
Snap Camera 1.10.0 (HKLM-x32\...\{024A6CF5-627D-497F-980B-B9A6EC5C40AF}_is1) (Version: 1.10.0 - Snap Inc.)
Soporte para el iPod (HKLM\...\{E8676067-68D7-483A-BC2B-A7FF808077E2}) (Version: 120.7.3.55 - Apple Inc.)
Spotify (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Spotify) (Version: 1.1.89.862.g94554d24 - Spotify AB)
Steinberg Cubase 10.0.40 Pro RC3 (HKLM\...\{14EF9A03-484C-4A5A-B91F-02634DC911A5}) (Version: RC3 - Team DC - V.R- Zaka1 - Mono 2020®)
STL Ignite Libra (HKLM\...\Libra_is1) (Version: 1.2.0 - STL Ignite)
STL Tonality Andy James (HKLM\...\Andy James_is1) (Version: 1.0.1 - STL Tonality)
STL Tones STL Tonality - Howard Benson (HKLM\...\STL Tonality - Howard Benson_is1) (Version: 1.0.2b - STL Tones)
Superior Drummer 3 64-bit (HKLM\...\{601B23D3-45DC-4B2B-BAEB-FACA2F9A3656}) (Version: 3.0.1 - Toontrack)
Tales Of Monkey Insland Gold (HKLM-x32\...\Tales Of Monkey Insland Gold) (Version:  - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.2781 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.44.5 - TeamViewer)
Telegram Desktop (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.9.9 - Telegram FZ-LLC)
Toontrack EZBass v1.1.6 Update (HKLM\...\{91B79BB2-AA4A-454C-B671-0D3A9F94DB6C}_is1) (Version: 1.1.6 - Toontrack & Team V.R)
Toontrack EZdrummer 2.1.8 (HKLM\...\EZdrummer_is1) (Version: 2.1.8 - Toontrack & Team V.R)
Toontrack Superior Drummer 3.1.7 (HKLM\...\Superior Drummer 3_is1) (Version: 3.1.7 - Toontrack & Team V.R)
TP-Link PLC Utility (HKLM-x32\...\{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.3960.1 - TP-Link) Hidden
TP-Link PLC Utility (HKLM-x32\...\InstallShield_{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.3960.1 - TP-Link)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{CC1FE5D3-78A8-4EC4-AB83-B5EF8DC4118D}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
VCDS Release 15.7.1 (HKLM-x32\...\VCDS Release) (Version: 15.7.1 - Ross-Tech)
VGL (HKLM-x32\...\{9B4E0A2E-9475-4D0F-ACBD-D73727C1D51A}) (Version: 1.0 - TSC)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.827 - McAfee, LLC)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 118.0.2088.76 - Microsoft Corporation)
WhatsApp (Outdated) (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\WhatsApp) (Version: 2.2326.10 - WhatsApp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)
Xiaomi Cloud (HKLM\...\dbd7cffb-9b67-55a5-b1a3-aabba639e500) (Version: 1.0.16 - 小米科技有限责任公司)
Zoom (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\ZoomUMX) (Version: 5.15.12 (21574) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2022-08-15] (Autodesk Inc.)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-15] (Microsoft Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.82.0_x64__htrsf667h5kn2 [2023-09-04] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.9.14.0_x86__htrsf667h5kn2 [2023-05-15] (Dell Inc)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2023-11-02] (Dropbox Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa [2023-10-25] (Apple Inc.) [Startup Task]
McAfee® Security -> C:\Program Files\McAfee\wps\1.12.340.1 [2023-10-29] ()
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-08-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-08-06] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-08-15] (Netflix, Inc.)
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2023.819.1.0_x64__8kea50m9krsh2 [2023-08-26] (Code Spark)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.607.100_x64__8wekyb3d8bbwe [2023-06-15] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.10160.0_x64__8wekyb3d8bbwe [2023-10-22] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2342.7.0_x64__cv1g1gvanyjgm [2023-10-27] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-07-19] (Microsoft Corp.)
WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-08-08] (Microsoft Corp.)
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1010.1349.0_x64__8wekyb3d8bbwe [2023-10-29] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_4000.986.611.0_x64__8wekyb3d8bbwe [2023-10-30] (Microsoft Corp.)
Windows App Runtime DDLM 2000.802.31.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x6_2000.802.31.0_x64__8wekyb3d8bbwe [2023-07-19] (Microsoft Corporation)
Windows App Runtime DDLM 2000.802.31.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x8_2000.802.31.0_x86__8wekyb3d8bbwe [2023-07-19] (Microsoft Corporation)
Windows App Runtime DDLM 3000.882.2207.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x6_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-09-12] (Microsoft Corporation)
Windows App Runtime DDLM 3000.882.2207.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x8_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-09-12] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [2023-10-29] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [2023-10-29] (Microsoft Corporation)
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.930.722.582_neutral__8wekyb3d8bbwe [2023-10-02] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{04271989-C4D2-4135-C564-1FD9BCC03C8A} -> [OneDrive - Educantabria] => C:\Users\David\OneDrive - Educantabria [2022-12-09 10:10]
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23061.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\David\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\David\Dropbox [2018-10-31 00:23]
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-10-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-10-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-10-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-10-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-10-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.12.340.1\mc-ctxmnu.dll [2023-10-29] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-10-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\83.0.2.0\drivefsext.dll [2023-10-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxDTCM.dll [2020-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.12.340.1\mc-ctxmnu.dll [2023-10-29] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2018-08-13 15:35 - 2018-08-13 15:35 - 000066560 _____ () [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\Logger.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000017920 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 003567616 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-02-26 04:05 - 2020-02-26 04:05 - 001518592 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2016-09-19 19:36 - 2016-09-19 19:36 - 002640896 _____ (Atheros Communications) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\DiagAPI.dll
2023-02-10 03:24 - 2023-08-10 10:28 - 004054016 ____R (pdfforge GmbH) [Archivo no firmado] C:\Program Files\PDF Architect 9\bl.dll
2016-09-19 19:36 - 2016-09-19 19:36 - 000250880 _____ (Quacomm Atheros, Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\DCWlan.dll
2016-09-19 19:35 - 2016-09-19 19:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\ipc.dll
2016-09-19 19:35 - 2016-09-19 19:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\TCPConnection.dll
2016-09-19 19:35 - 2016-09-19 19:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\utils.dll
2016-09-19 19:38 - 2016-09-19 19:38 - 000153600 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\en-US\AWiCDiag.dll.mui
2016-09-19 19:35 - 2016-09-19 19:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\ipc.dll
2016-09-19 19:35 - 2016-09-19 19:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\TCPConnection.dll
2016-09-19 19:35 - 2016-09-19 19:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\utils.dll
2016-09-19 19:35 - 2016-09-19 19:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ipc.dll
2016-09-19 19:35 - 2016-09-19 19:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\ipc.dll
2016-09-19 19:35 - 2016-09-19 19:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\TCPConnection.dll
2016-09-19 19:35 - 2016-09-19 19:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\utils.dll
2016-09-19 19:35 - 2016-09-19 19:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\TCPConnection.dll
2016-09-19 19:35 - 2016-09-19 19:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\utils.dll
2005-01-13 10:47 - 2005-01-13 10:47 - 000049152 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ESPSUTL.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 000206336 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScnCom10.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 000082944 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScnEps25.dll
2011-04-14 09:25 - 2011-04-14 09:25 - 000055808 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScnMgr10.dll
2011-11-25 17:47 - 2011-11-25 17:47 - 000110080 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2011-04-14 09:16 - 2011-04-14 09:16 - 000136704 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScanEngine30.dll
2019-02-18 18:39 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enppmon.dll
2019-02-18 18:39 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enpres.dll
2018-08-13 15:35 - 2018-08-13 15:35 - 001262592 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\LIBEAY32.dll
2018-08-13 15:35 - 2018-08-13 15:35 - 000273408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\ssleay32.dll
2018-08-13 15:35 - 2018-08-13 15:35 - 000036864 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\bearer\qgenericbearer.dll
2018-08-13 15:35 - 2018-08-13 15:35 - 000038912 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\bearer\qnativewifibearer.dll
2018-08-13 15:34 - 2018-08-13 15:34 - 000024576 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\imageformats\qgif.dll
2018-08-13 15:34 - 2018-08-13 15:34 - 000024576 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\imageformats\qico.dll
2018-08-13 15:34 - 2018-08-13 15:34 - 000241152 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\imageformats\qjpeg.dll
2018-08-13 15:34 - 2018-08-13 15:34 - 000018432 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\imageformats\qsvg.dll
2018-08-13 15:35 - 2018-08-13 15:35 - 001077760 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\platforms\qwindows.dll
2018-08-13 15:35 - 2018-08-13 15:35 - 004701696 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\Qt5Core.dll
2018-08-13 15:35 - 2018-08-13 15:35 - 004918784 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\Qt5Gui.dll
2018-08-13 15:35 - 2018-08-13 15:35 - 000935424 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\Qt5Network.dll
2018-08-13 15:35 - 2018-08-13 15:35 - 000251392 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\Qt5Svg.dll
2018-08-13 15:35 - 2018-08-13 15:35 - 004490752 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\Qt5Widgets.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000031744 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000039424 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000031744 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000413696 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000025088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000025088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000023552 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000519168 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 001431040 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 001180672 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000135680 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-02-26 03:13 - 2020-02-26 03:13 - 006010880 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-12-04 02:48 - 2019-12-04 02:48 - 006345216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-12-04 02:48 - 2019-12-04 02:48 - 001078272 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-12-04 02:48 - 2019-12-04 02:48 - 000313856 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-12-04 02:48 - 2019-12-04 02:48 - 004000256 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-12-04 02:48 - 2019-12-04 02:48 - 003802624 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-12-04 02:48 - 2019-12-04 02:48 - 000171008 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-12-04 02:48 - 2019-12-04 02:48 - 001083904 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-12-04 02:48 - 2019-12-04 02:48 - 000205312 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-12-04 02:48 - 2019-12-04 02:48 - 000329728 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-12-04 02:48 - 2019-12-04 02:48 - 000113152 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-12-04 02:48 - 2019-12-04 02:48 - 000376320 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 092323328 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 005560832 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000463360 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000188416 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 002888704 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000053760 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000059392 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000017408 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000287232 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000329216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000136192 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000089088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000312320 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-12-04 02:49 - 2019-12-04 02:49 - 000017920 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-02-26 03:13 - 2020-02-26 03:13 - 000085504 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

Additio (parte 2)

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\David Lozano - Portafolio Prácticum AL.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\David\Downloads\MediaCreationTool22H2.exe:MBAM.Zone.Identifier [184]
AlternateDataStreams: C:\Users\David\Downloads\MSEInstall.exe:MBAM.Zone.Identifier [184]
AlternateDataStreams: C:\Users\David\Downloads\Vídeo día del libro Julia.mp4:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Documents\SEMANA 1 (prácticas AL).docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Documents\SEMANA 2 (prácticas AL).docx:com.dropbox.attrs [54]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMInstallerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMInstallerService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO: PDF Architect 9 Helper -> {B7753997-DC54-45DE-BB1B-CEEEE19387E7} -> C:\Program Files\PDF Architect 9\creator\plugins\IEAddin\creator-ie-helper.dll [2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: PDF Architect 9 Helper -> {B7753997-DC54-45DE-BB1B-CEEEE19387E7} -> C:\Program Files (x86)\PDF Architect 9\creator\plugins\IEAddin\creator-ie-helper.dll [2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Toolbar: HKLM - PDF Architect 9 Toolbar - {730ABEF9-32D9-433C-9D61-6A1767D966ED} - C:\Program Files\PDF Architect 9\creator\plugins\IEAddin\creator-ie-plugin.dll [2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 9 Toolbar - {730ABEF9-32D9-433C-9D61-6A1767D966ED} - C:\Program Files (x86)\PDF Architect 9\creator\plugins\IEAddin\creator-ie-plugin.dll [2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\line6.net -> line6.net
IE trusted site: HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\sharepoint.com -> hxxps://educantabria-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2016-07-16 12:47 - 2023-08-06 10:18 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-456901426-2367040865-2536711323-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\backgroundDefault.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: Dell Digital Delivery Services => 2
MSCONFIG\Services: DellClientManagementService => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: esifsvc => 2
MSCONFIG\Services: Focusrite Control Server => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NTKDaemonService => 2
MSCONFIG\Services: PaceLicenseDServices => 2
MSCONFIG\Services: PDF Architect 6 => 3
MSCONFIG\Services: PDF Architect 6 Creator => 2
MSCONFIG\Services: PDF Architect 6 Update Service => 2
MSCONFIG\Services: PDF Architect 8 => 3
MSCONFIG\Services: PDF Architect 8 Creator => 3
MSCONFIG\Services: Realtek87L => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SafeConnectService => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WavesSysSvc => 2

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{AD7B6211-92D4-4026-9871-93B00DCBED8D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{82DCFCAE-A66F-4F33-9E0A-FC589D5825D2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97A5FCED-2F0D-42AB-9506-BEA277C3D1F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6E492E1-458F-4573-8CF5-ADC0FFBC9BDD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6F7F375-04F5-4A0B-9F95-418886908FC7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6C4AB28B-94D2-49C6-85F3-740081ABEF4E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{60392A20-E6DB-4DB0-92A0-2B8109C6714B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{058F0B1C-46BA-4416-93C6-B24F4942CF4C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F159EABD-1B82-404B-87F6-4AA621473A9A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9F207A1B-844B-4A99-81E4-71122E1319C8}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{59BF128E-7C7B-4010-B266-DF4F6EDEEDAC}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5C84F87C-FE44-47B1-AFC3-EA5F6D8AC680}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{ED4767CE-6C2E-4DAF-A300-9035DB4BA7B3}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9330EE2B-012A-4439-ACA2-35851203600B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AD86CE3F-3164-4F59-91F3-AC395E7DD6F3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{99CE0C91-63AE-471B-BF52-337567C333E0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CCE650AB-7AD0-4091-9613-242FE3CA5FCE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E918BFBF-92E8-4A0F-9C47-493D5BA76BB3}] => (Allow) C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe (Focusrite Audio Engineering Ltd.) [Archivo no firmado]
FirewallRules: [{5D1163DD-CD2A-4FF9-A277-F3D1CDE92D25}] => (Allow) LPort=53
FirewallRules: [{E173F94D-5E66-4E77-A9B2-30D49BF22315}] => (Allow) LPort=1542
FirewallRules: [{16CEF79A-85CF-4E0D-B0D0-585350191575}] => (Allow) LPort=1542
FirewallRules: [{D7D534DF-D2D2-4766-AC31-DBE6199E8E33}] => (Allow) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Archivo no firmado]
FirewallRules: [{56040C8C-B7B4-46E3-B161-757062373297}] => (Allow) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Archivo no firmado]
FirewallRules: [{F422BCE0-EF09-4B7C-9436-07CD3ABD0406}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{9DFCD113-0851-4E1E-A202-D40CE62076C8}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{901315B2-5259-4D94-B732-DD022277B237}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{8194FC41-AFBC-434F-A9B4-5967D108537D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{2E1B09BA-8FA6-450F-A7D9-386E1D611FD0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41BA781B-1EA1-49AD-A615-0E0B396D115A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{625A9F40-520B-4872-A862-2668F44F0908}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5FCF399C-917D-4BB9-B5FF-89E6181D2ACD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1F36858C-9F7B-40DD-9471-06D75D1D48DD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{114BCCEB-8405-4AF6-895A-D32AB135F7BB}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{6C211ACA-E16D-46EE-A7CC-95A91804CF87}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{E6DAE4C4-CE29-4B1A-BD04-178F4877B2B1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{F4F91559-B9F3-4224-90AC-510472B55B90}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{F40026A9-E2DE-4271-B6C0-842EAD9BD618}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => Ningún archivo
FirewallRules: [{AD8BA9F2-1779-4DCE-AFB1-F32945BA8C6E}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe => Ningún archivo
FirewallRules: [{B6F48DC1-968A-4CBB-932D-D65E2E611A74}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe => Ningún archivo
FirewallRules: [{BB685763-EFD5-48E3-801F-B52D106DD6EB}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0669E336-67D6-41E8-B59F-1C8524D9FAB6}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0DCB722E-AD67-4DA7-8A6B-641CB8C90A36}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{617B4D6E-CFE4-45F0-AF81-1C0DAB70566B}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{2EAE1EF9-F615-4431-BB11-0A47C54BC35C}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{940A4FDF-249C-4384-8F4C-F58E35B29225}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{53DCBA25-C0F5-49D2-AD4F-372A504D2055}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{CB0CAA3C-D1E5-4AC7-A7D2-E46161BFE32F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7F66E9FF-70D7-4A9D-94E6-DA6FC70638FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{27DB54DD-E76B-4E2F-AFCB-3D4F2383AF07}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{006E3C6C-3FE5-48FB-A308-A0804549F316}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8584B3BA-CEC3-4850-B64D-078B19CFD139}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{9A2B35B9-3189-46F7-A4DF-95DBC121E2C3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{68CF1086-0F9B-4954-ACC5-0F0DAA5302E0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{5B7A484A-3954-497D-BF24-64409E3DE0D1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{483B4942-1EFF-410C-BB85-84DED7098374}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{6D2C0B92-CAC3-468F-A18F-AAE2BF1FAD30}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{6C0A168B-C7FA-4174-85A2-1A8A6CDC09AA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{20E5F37F-3AC2-4508-8BBE-02A979534D2E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F6A09BF2-35CC-41DB-A010-5BDA345C0E6B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\118.0.2088.76\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB175457-4191-44DA-8B15-2639A9C8B728}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{16F3077C-57D4-4CBF-8A0E-66B663AED2DA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{6BFC282B-0AB0-44FD-9C11-80CD3ACC7F13}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Puntos de Restauración =========================

27-10-2023 10:46:08 Punto de control programado
27-10-2023 11:57:37 Instalador de Módulos de Windows

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (11/02/2023 09:23:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: SafeConnect.Entry.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en SafeConnect.Core.APP.Utils.PolicyManager+<LoadPolicy>d__10.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<AppSettingsInitialization>d__29.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<OnStartup>d__27.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.DispatcherOperation.InvokeImpl()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Windows.Threading.DispatcherOperation.Invoke()
   en System.Windows.Threading.Dispatcher.ProcessQueue()
   en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   en System.Windows.Application.RunDispatcher(System.Object)
   en System.Windows.Application.RunInternal(System.Windows.Window)
   en <Module>.StartupRun()

Error: (11/02/2023 09:29:27 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) No puede encontrar el objeto o propiedad

Error: (11/02/2023 09:29:27 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) No puede encontrar el objeto o propiedad

Error: (11/02/2023 09:28:15 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: SafeConnect.Entry.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en SafeConnect.Core.APP.Utils.PolicyManager+<LoadPolicy>d__10.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<AppSettingsInitialization>d__29.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<OnStartup>d__27.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.DispatcherOperation.InvokeImpl()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Windows.Threading.DispatcherOperation.Invoke()
   en System.Windows.Threading.Dispatcher.ProcessQueue()
   en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   en System.Windows.Application.RunDispatcher(System.Object)
   en System.Windows.Application.RunInternal(System.Windows.Window)
   en <Module>.StartupRun()

Error: (11/01/2023 07:11:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files\FocusriteUSB\Focusrite Notifier.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3570_none_60bb2a3971f3e41a.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3570_none_a868611086700d20.manifest.

Error: (11/01/2023 07:11:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files\FocusriteUSB\Focusrite Notifier.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3570_none_60bb2a3971f3e41a.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3570_none_a868611086700d20.manifest.

Error: (11/01/2023 07:11:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files\FocusriteUSB\Focusrite Notifier.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3570_none_60bb2a3971f3e41a.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3570_none_a868611086700d20.manifest.

Error: (11/01/2023 07:11:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files\FocusriteUSB\Focusrite Notifier.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3570_none_60bb2a3971f3e41a.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3570_none_a868611086700d20.manifest.


Errores del sistema:
=============
Error: (11/02/2023 09:23:45 PM) (Source: googledrivefs31092) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (11/02/2023 04:16:24 PM) (Source: DCOM) (EventID: 10010) (User: WINDELL-14BP45B)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/02/2023 04:16:24 PM) (Source: DCOM) (EventID: 10010) (User: WINDELL-14BP45B)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/02/2023 04:16:24 PM) (Source: DCOM) (EventID: 10010) (User: WINDELL-14BP45B)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/02/2023 04:16:24 PM) (Source: DCOM) (EventID: 10010) (User: WINDELL-14BP45B)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/02/2023 04:16:23 PM) (Source: DCOM) (EventID: 10010) (User: WINDELL-14BP45B)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/02/2023 04:16:23 PM) (Source: DCOM) (EventID: 10010) (User: WINDELL-14BP45B)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/02/2023 04:16:23 PM) (Source: DCOM) (EventID: 10010) (User: WINDELL-14BP45B)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.


CodeIntegrity:
===============
Date: 2023-11-02 21:54:49
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\WPS\1.12.340.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: Dell Inc. 1.2.8 05/22/2019
Placa base: Dell Inc. 05VRRG
Procesador: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
Porcentaje de memoria en uso: 34%
RAM física total: 16282.63 MB
RAM física disponible: 10663.1 MB
Virtual total: 18714.63 MB
Virtual disponible: 11957.45 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:237.03 GB) (Free:53.42 GB) (Model: SanDisk X400 2.5 7MM 256GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:0.49 GB) (Model: SanDisk X400 2.5 7MM 256GB) FAT32

\\?\Volume{90f9eb0c-405f-4d71-a3e3-654cb83357d6}\ (WinRE) (Fixed) (Total:0.39 GB) (Free:0.38 GB) NTFS
\\?\Volume{6d2271ac-5bc7-4adf-91a7-ff6d798a283f}\ () (Fixed) (Total:0.83 GB) (Free:0.2 GB) NTFS
\\?\Volume{b27b9f3f-ebb0-4f97-bd09-77138d8fb90e}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

Hola buenas @Davidian en primer lugar mis disculpas en que haya tardado tanto en responder.

Pues actualmente llevo muchísimos casos en el foro y tengo mi vida… y mi tiempo es limitado. Bastante limitado y el foro… es solo uno de mis pequeños hobbies.

Dicho esto, analizo logs y en un rato traigo respuesta.

…

Ya estoy aquí:

[color=#2271b3] PREGUNTAS [/color]

¿Tú has instalado en tu ordenador los siguientes programas o te suenan? Son estos:

Advanced Archive Password Recovery (HKLM-x32\...\{FE241076-B49A-4129-9DFD-08394BE497D7}) (Version: 4.54.110.4540 - Elcomsoft Co. Ltd.)
Sigma version 1.0.2 (HKLM\...\Sigma_is1) (Version: 1.0.2 - )
Snap Camera 1.10.0 (HKLM-x32\...\{024A6CF5-627D-497F-980B-B9A6EC5C40AF}_is1) (Version: 1.10.0 - Snap Inc.)
PACE License Support Win64 (HKLM\...\{CDDC4CA3-FBF0-46c3-8EB1-B001EA7FDA55}) (Version: 5.2.1.3096 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{CDDC4CA3-FBF0-46c3-8EB1-B001EA7FDA55}) (Version: 5.2.1.3096 - PACE Anti-Piracy, Inc.)
VGL (HKLM-x32\...\{9B4E0A2E-9475-4D0F-ACBD-D73727C1D51A}) (Version: 1.0 - TSC)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

¿Los descargaste del sitio oficial? ¿Son piratas ? ¿O son legales? Dime el estado de cada uno… si es legal… pirata y si lo descargaste del sitio oficial o no.

He detectado en tu equipo los siguientes antivirus instalados:

McAfee
Windows Defender

Todo y que por el log me lo imagino… ¿Pero qué antivirus utilizas actualmente en tu equipo como protección residente? ¿Y qué Firewall?

Ahora debes de hacer una [color=#ff00]COPIA DE SEGURIDAD DEL REGISTRO[/color], para ello:

• Reinicias el ordenador en Modo Normal.

• Descargas DelFix en tu escritorio.

• Doble clic para ejecutarlo. [size=2](Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)[/size]

• Marcas solamente la casilla de [color=#ff00]Create registry backup[/color], el resto te aseguras de que no estén seleccionadas.

• Presionas en Run.

Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.

Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:

Unlock: C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Unlock: C:\WINDOWS\UpdateAssistant
File: C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe;C:\ProgramData\sysqcl1131236454.dat;C:\Users\David\AppData\Roaming\msregsvv.dll;C:\Users\David\AppData\Roaming\wscript.exe
VirusTotal: C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe;C:\ProgramData\sysqcl1131236454.dat;C:\Users\David\AppData\Roaming\msregsvv.dll;C:\Users\David\AppData\Roaming\wscript.exe

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoLogOff] 0
Task: {53729C35-7838-432C-A2AB-098B72D1A37B} - System32\Tasks\Microsoft\Windows\Chkdsk\CNHe-tiering-events => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58864 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) -> C:\PROGRA~2\GENERI~1\XXIVER~1\DEVROM~1.DLL /nologo /unregister
Task: {3B46CC74-800C-4D2E-B288-7D2E34EC83B9} - System32\Tasks\PCDDataUploadTask => "uaclauncher.exe"  -lloc dataupload --ignoresecondarysplash --runsilently --skipidlewait (Ningún archivo)
Task: {EA2424B0-7DEA-48E5-8534-5EFFF0ABFE88} - System32\Tasks\SystemToolsDailyTest => "uaclauncher.exe"  -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently (Ningún archivo)
Task: {AFA0C759-8175-460B-9096-506623E4C5F2} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\David\Desktop\adwcleaner.exe  /uninstall (Ningún archivo)
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF user.js: detected! => C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mavro3k7.default-release-1695203406618\user.js [2023-09-20]
FF HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\David\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
FF Plugin HKU\S-1-5-21-456901426-2367040865-2536711323-1001: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\David\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old [2023-08-07] <==== ATENCIÓN
CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo]
CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe]
BRA Extension: (SearchPreview) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2021-05-30]
S4 DellClientManagementService; "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe" [X]
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
AlternateDataStreams: C:\David Lozano - Portafolio Prácticum AL.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\David\Downloads\MediaCreationTool22H2.exe:MBAM.Zone.Identifier [184]
AlternateDataStreams: C:\Users\David\Downloads\MSEInstall.exe:MBAM.Zone.Identifier [184]
AlternateDataStreams: C:\Users\David\Downloads\Vídeo día del libro Julia.mp4:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Documents\SEMANA 1 (prácticas AL).docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Documents\SEMANA 2 (prácticas AL).docx:com.dropbox.attrs [54]
IE trusted site: HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\line6.net -> line6.net
FirewallRules: [{5D1163DD-CD2A-4FF9-A277-F3D1CDE92D25}] => (Allow) LPort=53
FirewallRules: [{E173F94D-5E66-4E77-A9B2-30D49BF22315}] => (Allow) LPort=1542
FirewallRules: [{16CEF79A-85CF-4E0D-B0D0-585350191575}] => (Allow) LPort=1542
FirewallRules: [{114BCCEB-8405-4AF6-895A-D32AB135F7BB}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{6C211ACA-E16D-46EE-A7CC-95A91804CF87}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{E6DAE4C4-CE29-4B1A-BD04-178F4877B2B1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{F4F91559-B9F3-4224-90AC-510472B55B90}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{F40026A9-E2DE-4271-B6C0-842EAD9BD618}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => Ningún archivo
FirewallRules: [{AD8BA9F2-1779-4DCE-AFB1-F32945BA8C6E}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe => Ningún archivo
FirewallRules: [{B6F48DC1-968A-4CBB-932D-D65E2E611A74}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe => Ningún archivo
C:\PROGRA~2\GENERI~1\XXIVER~1\DEVROM~1.DLL
C:\Users\David\Desktop\adwcleaner.exe
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mavro3k7.default-release-1695203406618\user.js
C:\Users\David\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
C:\Users\David\AppData\Roaming\ACEStream\player\npace_plugin.dll
2020-10-29 19:00 - 2020-10-29 19:00 - 000000008 __RSH () C:\ProgramData\sysqcl1131236454.dat
2019-02-10 19:29 - 2015-09-18 15:13 - 000937776 _____ (AutoIt Team) C:\Users\David\AppData\Roaming\wscript.exe
C:\Users\David\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Lo guardas con el nombre de FIXLIST.TXT en tu escritorio [color=#ff00](MUY IMPORTANTE).[/color] Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.

[color=#ff00]El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.[/color]

Finalmente (OJO, en MODO NORMAL):

1. Ejecutas nuevamente FRST.exe [size=2](Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)[/size].

2. Presionas sobre [color=#ff00]Fix/Corregir[/color] y esperas a que finalice el proceso. [color=#ff00]No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.[/color]

3. Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.

4. Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.

Muy Importante Coloca el reporte que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

Muy buenas, Los que si he instalado de forma normal y legal son: Sigma, Snap Camera y VGL. Los demas no los recuerdo, pero puedo prescindir de todos ellos ya que no lo uso.

Utilizo McAfee ya que pago suscripcion anual. El firewall, uso el que tiene activado McAfee.

Te reporto el Fixlog:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 05-11-2023 02
Ejecutado por David (30-11-2023 17:52:15) Run:1
Ejecutado desde C:\Users\David\Desktop
Perfiles cargados: defaultuser0 & David
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:

Unlock: C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Unlock: C:\WINDOWS\UpdateAssistant
File: C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe;C:\ProgramData\sysqcl1131236454.dat;C:\Users\David\AppData\Roaming\msregsvv.dll;C:\Users\David\AppData\Roaming\wscript.exe
VirusTotal: C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe;C:\ProgramData\sysqcl1131236454.dat;C:\Users\David\AppData\Roaming\msregsvv.dll;C:\Users\David\AppData\Roaming\wscript.exe

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoLogOff] 0
Task: {53729C35-7838-432C-A2AB-098B72D1A37B} - System32\Tasks\Microsoft\Windows\Chkdsk\CNHe-tiering-events => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58864 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) -> C:\PROGRA~2\GENERI~1\XXIVER~1\DEVROM~1.DLL /nologo /unregister
Task: {3B46CC74-800C-4D2E-B288-7D2E34EC83B9} - System32\Tasks\PCDDataUploadTask => "uaclauncher.exe"  -lloc dataupload --ignoresecondarysplash --runsilently --skipidlewait (Ningún archivo)
Task: {EA2424B0-7DEA-48E5-8534-5EFFF0ABFE88} - System32\Tasks\SystemToolsDailyTest => "uaclauncher.exe"  -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently (Ningún archivo)
Task: {AFA0C759-8175-460B-9096-506623E4C5F2} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\David\Desktop\adwcleaner.exe  /uninstall (Ningún archivo)
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF user.js: detected! => C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mavro3k7.default-release-1695203406618\user.js [2023-09-20]
FF HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\David\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
FF Plugin HKU\S-1-5-21-456901426-2367040865-2536711323-1001: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\David\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old [2023-08-07] <==== ATENCIÓN
CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo]
CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe]
BRA Extension: (SearchPreview) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2021-05-30]
S4 DellClientManagementService; "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe" [X]
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
AlternateDataStreams: C:\David Lozano - Portafolio Prácticum AL.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\David\Downloads\MediaCreationTool22H2.exe:MBAM.Zone.Identifier [184]
AlternateDataStreams: C:\Users\David\Downloads\MSEInstall.exe:MBAM.Zone.Identifier [184]
AlternateDataStreams: C:\Users\David\Downloads\Vídeo día del libro Julia.mp4:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Documents\SEMANA 1 (prácticas AL).docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Documents\SEMANA 2 (prácticas AL).docx:com.dropbox.attrs [54]
IE trusted site: HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\line6.net -> line6.net
FirewallRules: [{5D1163DD-CD2A-4FF9-A277-F3D1CDE92D25}] => (Allow) LPort=53
FirewallRules: [{E173F94D-5E66-4E77-A9B2-30D49BF22315}] => (Allow) LPort=1542
FirewallRules: [{16CEF79A-85CF-4E0D-B0D0-585350191575}] => (Allow) LPort=1542
FirewallRules: [{114BCCEB-8405-4AF6-895A-D32AB135F7BB}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{6C211ACA-E16D-46EE-A7CC-95A91804CF87}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{E6DAE4C4-CE29-4B1A-BD04-178F4877B2B1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{F4F91559-B9F3-4224-90AC-510472B55B90}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{F40026A9-E2DE-4271-B6C0-842EAD9BD618}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => Ningún archivo
FirewallRules: [{AD8BA9F2-1779-4DCE-AFB1-F32945BA8C6E}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe => Ningún archivo
FirewallRules: [{B6F48DC1-968A-4CBB-932D-D65E2E611A74}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe => Ningún archivo
C:\PROGRA~2\GENERI~1\XXIVER~1\DEVROM~1.DLL
C:\Users\David\Desktop\adwcleaner.exe
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mavro3k7.default-release-1695203406618\user.js
C:\Users\David\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
C:\Users\David\AppData\Roaming\ACEStream\player\npace_plugin.dll
2020-10-29 19:00 - 2020-10-29 19:00 - 000000008 __RSH () C:\ProgramData\sysqcl1131236454.dat
2019-02-10 19:29 - 2015-09-18 15:13 - 000937776 _____ (AutoIt Team) C:\Users\David\AppData\Roaming\wscript.exe
C:\Users\David\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe" => fue desbloqueado
"C:\WINDOWS\UpdateAssistant" => fue desbloqueado

========================= File: C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe;C:\ProgramData\sysqcl1131236454.dat;C:\Users\David\AppData\Roaming\msregsvv.dll;C:\Users\David\AppData\Roaming\wscript.exe ========================

C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
El archivo está firmado digitalmente
MD5: 592F68D1B908AC9777563F42942DD5E4
Fecha de creación y modificación: 2018-05-15 12:01 - 2018-05-15 12:01
Tamaño: 000364728
Atributos: ----A
Nombre de la compañía: Microsoft Corporation -> Microsoft Corporation
Interno Nombre: UpdateAssistant
Original Nombre: UpdateAssistant.exe
Producto: Microsoft® Windows® Operating System
Descripción: UpdateAssistant
Archivo Versión: 10.0.14393.10050 (rs1_release_d_bugfix(cxesa).180515-1254)
Producto Versión: 10.0.14393.10050
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file/cc43999e22f775d63af285623df5022b0cf8b80ac00293b39103764093fef0e6/detection/f-cc43999e22f775d63af285623df5022b0cf8b80ac00293b39103764093fef0e6-1673277231

C:\ProgramData\sysqcl1131236454.dat
Archivo no firmado
MD5: 23F69E4F2A490D2A38678C8AEFC29A0E
Fecha de creación y modificación: 2020-10-29 19:00 - 2020-10-29 19:00
Tamaño: 000000008
Atributos: -RASH
Nombre de la compañía: 
Interno Nombre: 
Original Nombre: 
Producto: 
Descripción: 
Archivo Versión: 
Producto Versión: 
Copyright: 
VirusTotal: 0

C:\Users\David\AppData\Roaming\msregsvv.dll
Archivo no firmado
MD5: 2BA523C0E479DB5468BEC2A574BAB576
Fecha de creación y modificación: 2023-05-16 19:02 - 2023-09-22 19:51
Tamaño: 000000048
Atributos: ----A
Nombre de la compañía: 
Interno Nombre: 
Original Nombre: 
Producto: 
Descripción: 
Archivo Versión: 
Producto Versión: 
Copyright: 
VirusTotal: 0

C:\Users\David\AppData\Roaming\wscript.exe
El archivo está firmado digitalmente
MD5: B06E67F9767E5023892D9698703AD098
Fecha de creación y modificación: 2019-02-10 19:29 - 2015-09-18 15:13
Tamaño: 000937776
Atributos: ----A
Nombre de la compañía: AutoIt Consulting Ltd -> AutoIt Team
Interno Nombre: AutoIt3.exe
Original Nombre: AutoIt3.exe
Producto: AutoIt v3 Script
Descripción: AutoIt v3 Script
Archivo Versión: 3, 3, 14, 2
Producto Versión: 3, 3, 14, 2
Copyright: ©1999-2015 Jonathan Bennett & AutoIt Team
VirusTotal: https://www.virustotal.com/gui/file/8498900e57a490404e7ec4d8159bee29aed5852ae88bd484141780eaadb727bb/detection/f-8498900e57a490404e7ec4d8159bee29aed5852ae88bd484141780eaadb727bb-1701354855

====== Final de File: ======

VirusTotal: C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe => (3) Error = 500 Internal Server Error

The server has either erred or is incapable of performing the requested operation.

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
VirusTotal: C:\ProgramData\sysqcl1131236454.dat => (3) Error = 500 Internal Server Error

The server has either erred or is incapable of performing the requested operation.

Siento comunicar que despu´´es de reiniciar y dejar un tiempo, el problema de la doble tilde persiste.

Hola buenas @Davidian

OK pues prescindiremos de todos ellos en cuando sea el momento.

OK entendido.

OK.

OK. Ya veo, ya.

El Fixlog que has traído no está completo ni muchísimo menos. Nos falta mucha información.

¿Has pegado mal el Fixlog y te has dejado de poner una buena parte o bien esto es todo lo que tienes del Fixlog?

¿Estás seguro de que la corrección se ha ejecutado correctamente y que lo has realizado tal y como te dije en mis anteriores instrucciones?

Por favor, revisa de nuevo el Fixlog que tengas y asegúrate de traer todo su contenido, o todo el que esté disponible.

Para ir avanzando…

Necesitaré logs frescos de FARBAR.

Así que haz esto:

[color=#2271b3] EN BUSCA / ELIMINACIÓN DE MALWARE [/color]

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

[color=#ff00]LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE[/color] (y no en otro sitio).

Descargas Farbar Recovery Scan Tool [color=#ff00]MUY IMPORTANTE[/color] >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Farbar Recovery Scan Tool

1. Ejecutas el FRST.exe[size=2] (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).[/size]

2. Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.

3. En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.

4. Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

[color=#ff00]Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.[/color] [color=#ff00]También conectas nuevamente tu equipo a Internet.[/color]

[color=#2271b3] PRÓXIMA RESPUESTA[/color]

Pegas los reportes de FRST.txt y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

[color=#ff0000]Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:[/color]

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

Buenas, El Fixlog esta completo. Segui bien las instrucciones. Si que me extraño que al dar a corregir, tardo muy poco en hacerlo. En cuanto pueda te pongo logs frescos.

Muchas gracias por todo el esfuerzo.

FRST (parte 1)

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-11-2023 02
Ejecutado por David (administrador) sobre WINDELL-14BP45B (Dell Inc. Inspiron 5567) (02-12-2023 10:45:27)
Ejecutado desde C:\Users\David\Desktop\FRST64 (1).exe
Perfiles cargados: David
Plataforma: Microsoft Windows 10 Home Versión 22H2 19045.3693 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.817.1\DropboxCrashHandler.exe
(C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\Wcct.exe ->) () [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\SocketServer.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\Google\Drive File Stream\84.0.10.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\84.0.10.0\crashpad_handler.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atieclxx.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (Focusrite Audio Engineering, Ltd.) [Archivo no firmado] C:\Program Files\FocusriteUSB\Focusrite Notifier.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\84.0.10.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Now.gg, INC -> now.gg, Inc.) C:\Users\David\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe <4>
(explorer.exe ->) (Qualcomm Atheros Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\AWiCMgr.exe
(explorer.exe ->) (Qualcomm Atheros Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\Wcct.exe
(explorer.exe ->) (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\AWiCDiag.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIKE.EXE
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.342\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.342\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atiesrxx.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHeciSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.13.209.1\mc-fw-host.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC.) C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\upfc.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 9\activation-service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe <2>
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.13.209.1\neo\core\mc-neo-host.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21750.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21750.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [127480 2017-11-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AWiCMgr] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\AWiC\AWiCMgr.exe [185856 2016-09-19] (Qualcomm Atheros Inc.) [Archivo no firmado]
HKLM\...\Run: [AWiCDiag] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\AWiCDiag.exe [3067904 2016-09-19] (Qualcomm Atheros, Inc.) [Archivo no firmado]
HKLM\...\Run: [wcct] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\wcct.exe [1076224 2016-09-19] (Qualcomm Atheros Inc.) [Archivo no firmado]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\FocusriteUSB\Focusrite Notifier.exe [3949568 2019-08-02] (Focusrite Audio Engineering, Ltd.) [Archivo no firmado]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11561184 2023-11-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.10.0\GoogleDriveFS.exe [58391840 2023-12-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.10.0\GoogleDriveFS.exe [58391840 2023-12-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.10.0\GoogleDriveFS.exe [58391840 2023-12-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.10.0\GoogleDriveFS.exe [58391840 2023-12-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [SafeConnect] => C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.Entry.exe [161440 2022-09-22] (McAfee, LLC -> McAfee, LLC.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [Spotify] => C:\Users\David\AppData\Roaming\Spotify\Spotify.exe [19970464 2022-07-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [MicrosoftEdgeAutoLaunch_32628329D6ABECAB6CD57130DDFBAC4F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896784 2023-11-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\David\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2023-10-19] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.10.0\GoogleDriveFS.exe [58391840 2023-12-02] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON XP-302 303 305 306 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMIKE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [Archivo no firmado]
HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.11.0.7.dll [960120 2023-08-10] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.200\Installer\chrmstp.exe [2023-12-01] (Google LLC -> Google LLC)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk [2019-03-11]
ShortcutTarget: RT-Updater.lnk -> C:\Ross-Tech\VCDS\VCDS.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {789A48D8-B911-487D-A4A7-DD13774A79D0} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2023-11-06] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {4DEC7650-310B-4175-A5E1-65E4706611EB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {9B72AB73-C3DD-4CEA-ABD9-81396CF0D582} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {375A3051-AC4D-48A0-8F6D-E494ABB0B2A9} - System32\Tasks\Elcomsoft\Elcomsoft Updater Autostart => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {C179BDA7-4F8F-4F8C-B9B6-6EACA810AC9B} - System32\Tasks\Elcomsoft\Elcomsoft Updater Show => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {FD0BCE2D-A343-4150-8896-C1FBAEABB11A} - System32\Tasks\Elcomsoft\Elcomsoft Updater Terminate => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {A8A04081-6517-453B-86BE-DFCB60D20F43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-27] (Google Inc -> Google Inc.)
Task: {74F38714-DCA9-482E-AD4C-62E991D81601} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-27] (Google Inc -> Google Inc.)
Task: {75B13D37-9F9F-4566-A764-1B4F17974063} - System32\Tasks\McAfee OEM Subscription job => \\?\C:\Program Files\McAfee\WPS\SubscriptionJob\mc-oem-subjob.exe [2039744 2023-10-10] (McAfee, LLC -> McAfee, LLC)
Task: {7E4A3738-7FEE-45AF-B7E9-2B14FA7F2947} - System32\Tasks\McAfee\WPS\amwebapitriggertask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {E26992C3-F38B-49E7-8025-28C01A167D4B} - System32\Tasks\McAfee\WPS\AntiTrackerTask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {D104C00A-C31C-4003-AA81-E4EE74802434} - System32\Tasks\McAfee\WPS\DAD.WPS.Execute.Updates => C:\Program Files\McAfee\wps\1.13.209.1\dad\mc-dad.exe [4384208 2023-11-24] (McAfee, LLC -> McAfee, LLC)
Task: {737F26A0-6F7B-4569-A65E-74B8990432EA} - System32\Tasks\McAfee\WPS\datupdatetask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {087A4414-3840-4112-956E-75CE663322F3} - System32\Tasks\McAfee\WPS\McAfee Sustainability => C:\Program Files\McAfee\wps\1.13.209.1\sustainability\mc-sustainability.exe [966960 2023-11-24] (McAfee, LLC -> McAfee, LLC)
Task: {642CC37C-343E-4AD6-ABDC-C15B4073E739} - System32\Tasks\McAfee\WPS\mcpcoscanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {E7F71067-F260-4D0A-93E3-44686AFAA5F5} - System32\Tasks\McAfee\WPS\NGMCadence => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {3D9A98F9-DEDC-4644-AA72-77CEFF98A852} - System32\Tasks\McAfee\WPS\odsscheduledtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {0D6CBBFF-A67F-43E4-AB89-74BCC4AADE3D} - System32\Tasks\McAfee\WPS\systemrebootedtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {FCFAB777-EC0A-4EC2-A79C-DCFDA168E66E} - System32\Tasks\McAfee\WPS\tracker_remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {46F98F2B-0E43-40A2-A329-9EA31407FCC9} - System32\Tasks\McAfee\WPS\Update => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2}
Task: {05A8FF36-7244-451D-86FA-078184E71D86} - System32\Tasks\McAfee\WPS\WPSPush => \\?\C:\Program Files\McAfee\WPS\1.13.209.1\mc-wns-client\mc-wns-client.exe [832048 2023-11-24] (McAfee, LLC -> )
Task: {DE8DBCD0-F186-4E8F-9874-DE09C810CBBA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A59EC16B-FD4E-442E-A81E-92DCEDD76D72} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {52B33ED3-01D4-4FCA-A279-C8C5F01D81FE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A573342-8063-4B02-AA87-4F62DB9B71E2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8C726F5-4DD8-47BD-A55C-5EBB05C90A4E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FD4AD9A-586B-46B3-A559-CEB42589DFBD} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [278016 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {53729C35-7838-432C-A2AB-098B72D1A37B} - System32\Tasks\Microsoft\Windows\Chkdsk\CNHe-tiering-events => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58864 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) -> C:\PROGRA~2\GENERI~1\XXIVER~1\DEVROM~1.DLL /nologo /unregister <==== ATENCIÓN
Task: {17882749-283D-4912-8A02-36C37689B667} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
Task: {D96087E0-3CA6-4F63-8B72-A792C8391912} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-10-14] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {932EE97C-809D-4928-9999-8895C7405A90} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-10-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {3B46CC74-800C-4D2E-B288-7D2E34EC83B9} - System32\Tasks\PCDDataUploadTask => "uaclauncher.exe"  -lloc dataupload --ignoresecondarysplash --runsilently --skipidlewait (Ningún archivo)
Task: {D98EB1F6-1635-4C0D-9549-DC3EBA8808CB} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2149312 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
Task: {A44EBDAE-885D-4CF2-814A-4AAF59E96488} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2149312 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
Task: {217E8F66-F057-4918-877D-E00253AB7DDB} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3438528 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
Task: {85D642D5-C976-4C38-B87A-DA42BE974606} - System32\Tasks\Remove AdwCleaner Application => C:\WINDOWS\system32\CMD.EXE [289792 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "C:\Users\David\Desktop\adwcleaner.exe"
Task: {B2CD7D28-DDC7-4E39-BE7A-C2D549F67969} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3DB109C4-2467-4132-8551-74F2DF5639A6} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {EA2424B0-7DEA-48E5-8534-5EFFF0ABFE88} - System32\Tasks\SystemToolsDailyTest => "uaclauncher.exe"  -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently (Ningún archivo)
Task: {AFA0C759-8175-460B-9096-506623E4C5F2} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\David\Desktop\adwcleaner.exe  /uninstall (Ningún archivo)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{05e87645-38d1-4a02-a165-b33cde195eca}: [DhcpNameServer] 172.18.11.1
Tcpip\..\Interfaces\{1c7d2606-8467-4a09-9b67-7eac93f909b4}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{8b17c222-ffb7-4986-b87f-5b2d6b8264b5}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{b5b2aaf8-675d-4116-89b9-662e8a27c158}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ca8dd785-5e42-46fe-8fe0-479d65022cae}: [DhcpNameServer] 62.81.16.213 62.81.16.148
Tcpip\..\Interfaces\{d6a5bca9-e8ee-4d3b-9975-e4a47de3a098}: [DhcpNameServer] 62.81.16.213 62.81.16.148

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-02]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-19]
Edge Extension: (Edge relevant text changes) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-19]

FireFox:
========
FF DefaultProfile: llolf8er.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\llolf8er.default [2023-08-06]
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mavro3k7.default-release-1695203406618 [2023-11-30]
FF user.js: detected! => C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\mavro3k7.default-release-1695203406618\user.js [2023-09-20]
FF HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\David\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-456901426-2367040865-2536711323-1001: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\David\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2023-12-02]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-11-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (Menú de aplicaciones de Drive (de Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Ace Script) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2023-10-04]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-06]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old [2023-08-07] <==== ATENCIÓN
CHR Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-08-03]
CHR Extension: (Google Docs Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-03]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-03]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-08-07]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\System Profile [2023-09-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-456901426-2367040865-2536711323-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-456901426-2367040865-2536711323-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo]
CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe]

Brave: 
=======
BRA Profile: C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-08-07]
BRA Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-05-30]
BRA Extension: (SearchPreview) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2021-05-30]
BRA Extension: (Loom for Chrome) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2021-06-06]
BRA Extension: (Menú de aplicaciones de Drive (de Google)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-30]
BRA Extension: (Ace Script) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2021-05-30]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-05-30]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-06-07]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-05-30]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-06-06]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\pdecoifadfkklajdlmndjpkhabpklldh [2021-06-07]

FRST (parte 2)

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-11-14] (Dropbox, Inc -> Dropbox, Inc.)
S4 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [38048 2019-03-15] (Dell Inc -> )
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S4 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1534976 2020-01-08] (Focusrite Audio Engineering Ltd.) [Archivo no firmado]
R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.13.209.1\mc-fw-host.exe [2333904 2023-11-24] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\wps\1.13.209.1\mc-update.exe [5082552 2023-11-24] (McAfee, LLC -> McAfee, LLC)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [871752 2023-07-30] (McAfee, LLC -> McAfee, LLC)
S4 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.5.107.0\McCSPServiceHost.exe [3384472 2023-02-28] (McAfee, LLC -> McAfee, LLC)
S4 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [16847584 2023-05-17] (Native Instruments GmbH -> Native Instruments GmbH)
R3 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3108288 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [507328 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [414656 2023-02-10] (pdfforge GmbH -> pdfforge GmbH)
S4 Realtek87L; C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [36864 2009-07-10] (Realtek) [Archivo no firmado]
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SafeConnectService; C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe [32144 2022-09-22] (McAfee, LLC -> McAfee, LLC.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [17845048 2023-07-31] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 DellClientManagementService; "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe" [X]
S4 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [310672 2023-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2023-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [97480 2016-11-16] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUSB; C:\WINDOWS\System32\drivers\FocusriteUSB.sys [122088 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [101512 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUSB_AUDIO; C:\WINDOWS\system32\drivers\FocusriteUSBAudio.sys [63408 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUSB_MIDI; C:\WINDOWS\system32\drivers\FocusriteUSBMidi.sys [50000 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S0 mfeelam; C:\WINDOWS\System32\DRIVERS\mfeelam.sys [19424 2023-11-24] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\WINDOWS\System32\DRIVERS\mfesec.sys [84416 2023-11-24] (McAfee, LLC -> McAfee, LLC)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RT-USB; C:\WINDOWS\system32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
S3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2020-02-05] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-12-02 10:45 - 2023-12-02 10:46 - 000038601 _____ C:\Users\David\Desktop\FRST.txt
2023-12-01 16:57 - 2023-12-01 16:57 - 000000000 ___DL C:\Users\David\Streaming de Google Drive
2023-11-30 17:52 - 2023-11-30 17:52 - 000026679 _____ C:\Users\David\Desktop\Fixlog.txt
2023-11-30 17:49 - 2023-11-30 17:52 - 000007001 _____ C:\Users\David\Desktop\FIXLIST.TXT
2023-11-30 17:45 - 2023-11-30 17:45 - 000000247 _____ C:\Users\David\Desktop\DelFix.txt
2023-11-30 17:45 - 2023-11-30 17:45 - 000000247 _____ C:\DelFix.txt
2023-11-30 17:45 - 2023-11-30 17:45 - 000000000 ____D C:\WINDOWS\ERUNT
2023-11-30 17:41 - 2023-11-30 17:42 - 000797760 _____ C:\Users\David\Desktop\delfix_1.013.exe
2023-11-27 21:34 - 2023-11-27 21:34 - 000815071 _____ C:\Users\David\Downloads\Permiso circulacion skoda.pdf
2023-11-27 21:33 - 2023-11-27 21:30 - 000557781 _____ C:\Users\David\Downloads\Carnet conducir Ana.pdf
2023-11-27 21:32 - 2023-11-27 21:30 - 000581625 _____ C:\Users\David\Downloads\DNA Ana.pdf
2023-11-27 21:31 - 2023-11-27 21:32 - 001116828 ____T C:\Users\David\Downloads\Ficha tecnica skoda.pdf
2023-11-25 13:08 - 2023-11-25 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2023-11-25 13:07 - 2023-11-25 13:07 - 005050512 _____ C:\Users\David\Downloads\mp3tagv323-x64-setup.exe
2023-11-25 12:33 - 2023-11-25 12:42 - 000000000 ____D C:\Users\David\Downloads\Aerosmith - Get A Grip  1993(LP)
2023-11-25 12:33 - 2023-11-25 12:33 - 000000000 ____D C:\Users\David\Downloads\Aerosmith
2023-11-22 17:59 - 2023-11-22 17:59 - 000356906 _____ C:\Users\David\Downloads\Y2meta.app - hotel California guitar solo backing track (128 kbps).mp3.reapeaks
2023-11-19 20:01 - 2023-11-19 20:01 - 000010206 _____ C:\Users\David\Downloads\SacaFotoUID.jpeg
2023-11-18 19:04 - 2023-11-18 19:04 - 000048422 _____ C:\Users\David\Downloads\justificante_8627GHWUusB2.pdf
2023-11-18 19:03 - 2023-11-18 19:03 - 000158881 _____ C:\Users\David\Downloads\Pago ITV 2023.pdf
2023-11-18 17:16 - 2023-11-18 17:16 - 000002036 _____ C:\Users\David\Desktop\LNM.lnk
2023-11-18 17:11 - 2023-11-18 17:11 - 000002068 _____ C:\Users\David\Desktop\Telegram (1).lnk
2023-11-18 17:11 - 2023-11-18 17:11 - 000000000 ____D C:\Users\David\AppData\Local\HD-Player
2023-11-18 17:09 - 2023-11-19 22:15 - 000000000 ____D C:\Users\David\AppData\Local\BlueStacks X
2023-11-18 17:09 - 2023-11-18 17:09 - 000000000 ____D C:\Users\David\AppData\Local\BSXCache
2023-11-18 17:08 - 2023-11-18 17:08 - 000006904 _____ C:\Users\David\-1.14-windows.xml
2023-11-18 17:08 - 2023-11-18 17:08 - 000003938 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2023-11-18 17:07 - 2023-12-02 10:43 - 000000000 ____D C:\Users\David\AppData\Roaming\bluestacks-services
2023-11-18 17:07 - 2023-11-19 22:45 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2023-11-18 17:07 - 2023-11-18 17:07 - 000002445 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueStacks Services.lnk
2023-11-18 17:07 - 2023-11-18 17:07 - 000000000 ____D C:\Users\David\AppData\Local\bluestacks-services-updater
2023-11-18 17:07 - 2023-11-18 17:07 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2023-11-18 17:06 - 2023-11-18 17:06 - 000002007 _____ C:\Users\Public\Desktop\BlueStacks X.lnk
2023-11-18 17:06 - 2023-11-18 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks X
2023-11-18 17:06 - 2023-11-18 17:06 - 000000000 ____D C:\Program Files (x86)\BlueStacks X
2023-11-18 17:05 - 2023-11-18 17:07 - 000000000 ____D C:\Users\David\AppData\Local\Bluestacks
2023-11-18 17:05 - 2023-11-18 17:05 - 000000000 ____D C:\Users\Public\BlueStacks
2023-11-16 16:44 - 2023-11-16 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-11-14 22:01 - 2023-11-14 22:01 - 000000000 ___HD C:\$WinREAgent
2023-11-14 03:06 - 2023-11-14 03:06 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-11-08 17:11 - 2023-11-08 17:11 - 008244623 _____ C:\Users\David\Downloads\D811980_00100_13.pdf
2023-11-03 00:10 - 2023-11-03 00:16 - 000000000 ____D C:\Manual termostato
2023-11-02 21:30 - 2023-11-07 18:32 - 000000000 ____D C:\Users\David\Desktop\Analisis Foro Spyware
2023-11-02 15:54 - 2023-11-02 15:54 - 000314204 _____ C:\Users\David\Downloads\MODELO CAMBIO DOMICILIO .pdf
2023-11-02 12:39 - 2023-11-02 12:39 - 000060451 _____ C:\Users\David\Downloads\Nomina octubre 2023.pdf

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-12-02 10:45 - 2023-08-07 10:42 - 000000000 ____D C:\FRST
2023-12-02 10:44 - 2023-05-05 13:27 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-02 10:44 - 2018-04-27 19:07 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-02 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-02 10:43 - 2018-10-31 00:21 - 000000000 ____D C:\Users\David\AppData\Roaming\Dropbox
2023-12-02 10:42 - 2023-08-06 16:34 - 000004088 _____ C:\WINDOWS\system32\Tasks\McAfee OEM Subscription job
2023-12-02 10:42 - 2023-08-06 16:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-02 10:42 - 2021-08-16 14:14 - 000000000 ____D C:\Users\David\AppData\Roaming\Spotify
2023-12-02 10:42 - 2021-03-21 09:16 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-02 10:42 - 2020-02-29 11:32 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-12-02 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-12-02 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-02 10:42 - 2018-04-27 19:02 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles
2023-12-02 10:42 - 2018-04-18 18:06 - 000000000 ____D C:\Intel
2023-12-02 10:41 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-12-02 10:29 - 2018-09-08 00:05 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2023-12-02 10:28 - 2019-12-07 15:56 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-12-02 10:27 - 2022-12-09 10:10 - 000000000 ___RD C:\Users\David\OneDrive - Educantabria
2023-12-02 10:27 - 2021-09-25 10:06 - 000002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-12-02 10:27 - 2021-09-25 10:06 - 000002015 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-12-02 10:27 - 2021-09-25 10:06 - 000002015 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-12-02 10:27 - 2021-09-25 10:06 - 000002003 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-12-02 10:27 - 2018-10-31 00:10 - 000000000 ____D C:\Users\David\AppData\Local\Dropbox
2023-12-02 10:27 - 2018-04-27 19:04 - 000000000 ___RD C:\Users\David\OneDrive
2023-12-02 10:27 - 2018-04-27 19:02 - 000000000 ___SD C:\Users\David\AppData\Roaming\Microsoft\Credentials
2023-12-01 18:37 - 2020-06-24 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neural DSP
2023-12-01 18:37 - 2020-06-20 10:42 - 000000000 ____D C:\Program Files\Neural DSP
2023-12-01 18:29 - 2023-08-06 16:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-01 17:10 - 2023-08-10 10:34 - 000000000 ____D C:\Users\David\AppData\Roaming\PDF Architect 9
2023-12-01 17:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-01 17:03 - 2023-08-06 16:31 - 001772862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-01 17:03 - 2019-12-07 15:55 - 000790938 _____ C:\WINDOWS\system32\perfh00A.dat
2023-12-01 17:03 - 2019-12-07 15:55 - 000156274 _____ C:\WINDOWS\system32\perfc00A.dat
2023-12-01 17:03 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-01 16:57 - 2023-08-06 16:24 - 000000000 ____D C:\Users\David
2023-12-01 16:33 - 2023-08-04 13:18 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-01 16:33 - 2023-08-04 13:18 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-11-30 17:52 - 2023-04-23 20:11 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2023-11-30 17:50 - 2023-08-08 08:10 - 002383872 _____ (Farbar) C:\Users\David\Desktop\FRST64 (1).exe
2023-11-30 17:28 - 2023-08-06 16:34 - 000003916 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-11-30 17:28 - 2023-08-06 16:34 - 000003792 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-11-29 16:45 - 2020-06-18 09:47 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-25 19:54 - 2022-09-24 16:32 - 000000000 _____ C:\Users\David\Documents\MainAppLog.txt
2023-11-25 14:37 - 2018-10-04 11:26 - 000000000 ____D C:\Users\David\AppData\Roaming\Mp3tag
2023-11-25 13:08 - 2022-09-16 15:14 - 000000000 ____D C:\Program Files\Mp3tag
2023-11-25 13:04 - 2018-10-05 10:15 - 000000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2023-11-25 12:49 - 2019-04-09 11:54 - 000000000 ____D C:\Users\David\AppData\Local\BitTorrentHelper
2023-11-24 20:01 - 2023-04-18 19:34 - 000084416 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfesec.sys
2023-11-24 20:01 - 2023-04-18 19:34 - 000019424 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeelam.sys
2023-11-24 20:01 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-11-20 21:28 - 2023-08-06 16:34 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-456901426-2367040865-2536711323-1001
2023-11-20 21:28 - 2023-08-06 16:34 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-456901426-2367040865-2536711323-1001
2023-11-20 21:28 - 2023-08-06 16:24 - 000002420 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-19 22:45 - 2018-10-16 22:10 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Word
2023-11-19 22:16 - 2021-11-07 18:28 - 000000000 ____D C:\Users\David\AppData\Roaming\Telegram Desktop
2023-11-18 22:33 - 2020-04-07 19:20 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Teams
2023-11-18 17:09 - 2020-08-23 19:32 - 000000000 ____D C:\Users\David\AppData\Local\cache
2023-11-18 17:05 - 2019-08-28 16:59 - 000000000 ____D C:\Programas
2023-11-18 11:14 - 2016-10-26 15:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-11-17 22:39 - 2018-10-16 22:07 - 000000000 ____D C:\Program Files\Microsoft Office
2023-11-16 16:44 - 2018-10-31 00:10 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-11-16 00:17 - 2021-11-07 18:31 - 000000000 ____D C:\ProgramData\firebird
2023-11-15 21:54 - 2021-11-07 18:35 - 000000000 ____D C:\Users\David\AppData\Roaming\Eendsoft
2023-11-15 15:02 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-14 23:24 - 2023-08-06 16:22 - 005114192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-14 23:23 - 2019-12-07 15:55 - 000000000 ____D C:\WINDOWS\SysWOW64\es
2023-11-14 23:23 - 2019-12-07 15:55 - 000000000 ____D C:\WINDOWS\system32\es
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-14 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-14 23:22 - 2019-12-07 15:57 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-14 23:22 - 2019-12-07 15:57 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-14 23:22 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-14 23:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-14 23:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-14 23:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-11-14 23:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-14 23:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-14 23:22 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-14 23:22 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-14 23:22 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-14 23:22 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-11-14 22:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-14 22:15 - 2019-12-07 15:57 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-11-14 22:15 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-11-14 22:15 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-11-14 22:09 - 2023-08-06 16:25 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-14 21:26 - 2018-04-27 19:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-14 21:19 - 2018-04-27 19:40 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-11 12:14 - 2022-02-10 11:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-09 20:31 - 2020-10-02 07:25 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-05 19:37 - 2021-11-07 18:21 - 000000000 ____D C:\Program Files (x86)\Picto Selector

==================== Archivos en la raíz de algunos directorios ========

2020-10-29 19:00 - 2020-10-29 19:00 - 000000008 __RSH () C:\ProgramData\sysqcl1131236454.dat
2023-05-16 19:02 - 2023-09-22 19:51 - 000000048 _____ () C:\Users\David\AppData\Roaming\msregsvv.dll
2023-06-01 17:05 - 2023-06-01 17:18 - 000000132 _____ () C:\Users\David\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2019-02-10 19:29 - 2015-09-18 15:13 - 000937776 _____ (AutoIt Team) C:\Users\David\AppData\Roaming\wscript.exe
2019-01-14 12:15 - 2019-01-14 12:17 - 000534528 _____ (Dirección General de la Policía) C:\Users\David\AppData\Local\DNIeService.exe

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================