Malware doble tilde (llevo dias y no consigo quitarlo) ayuda

Muy buenas, Tengo desde hace unas semanas el malware de la doble tilde en un portatil con windows 10. He probado, varios limpiadores (ccleaner, malwarebytes… y nada).

¿alquien me podria ayudar a eliminarlo? Muchas gracias.

Buenas, He pasado el Farbar Recovery Scan Tool como se indica en otro post de por aqui (sin conexion a internet). Pongo los reportes frst.txt y addition.txt por aqui para ver si me podeis ayudar. FRST (parte 1)

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 06-08-2023
Ejecutado por David (administrador) sobre WINDELL-14BP45B (Dell Inc. Inspiron 5567) (08-08-2023 09:12:59)
Ejecutado desde C:\Users\David\Desktop\FRST64 (1).exe
Perfiles cargados: David
Plataforma: Microsoft Windows 10 Home Versión 22H2 19045.3271 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\AWiCMgr.exe ->) (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\AWiCDiag.exe
(C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\Wcct.exe ->) () [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\SocketServer.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atieclxx.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (Focusrite Audio Engineering, Ltd.) [Archivo no firmado] C:\Program Files\FocusriteUSB\Focusrite Notifier.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\79.0.2.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Qualcomm Atheros Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\AWiCMgr.exe
(explorer.exe ->) (Qualcomm Atheros Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\Wcct.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0354716.inf_amd64_f71e4ad1ddbb6e3d\B352547\atiesrxx.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHeciSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.11.184.1\mc-fw-host.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC.) C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2330.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.11.184.1\neo\core\mc-neo-host.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\SubscriptionJob\mc-oem-subjob.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21524.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21524.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_3000.934.1904.0_x64__8wekyb3d8bbwe\PushNotificationsLongRunningTask.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [127480 2017-11-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AWiCMgr] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\AWiC\AWiCMgr.exe [185856 2016-09-19] (Qualcomm Atheros Inc.) [Archivo no firmado]
HKLM\...\Run: [AWiCDiag] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\AWiCDiag.exe [3067904 2016-09-19] (Qualcomm Atheros, Inc.) [Archivo no firmado]
HKLM\...\Run: [wcct] => C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\wcct.exe [1076224 2016-09-19] (Qualcomm Atheros Inc.) [Archivo no firmado]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\FocusriteUSB\Focusrite Notifier.exe [3949568 2019-08-02] (Focusrite Audio Engineering, Ltd.) [Archivo no firmado]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-07-29] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe [147244312 2023-08-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe [147244312 2023-08-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe [147244312 2023-08-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe [147244312 2023-08-07] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [SafeConnect] => C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.Entry.exe [161440 2022-09-22] (McAfee, LLC -> McAfee, LLC.)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [Spotify] => C:\Users\David\AppData\Roaming\Spotify\Spotify.exe [19970464 2022-07-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Run: [MicrosoftEdgeAutoLaunch_32628329D6ABECAB6CD57130DDFBAC4F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe [147244312 2023-08-07] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON XP-302 303 305 306 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMIKE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [Archivo no firmado]
HKLM\...\Print\Monitors\PDF Architect 8 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\architect_pdfpmon_v.4.12.26.3.dll [932984 2021-12-05] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.171\Installer\chrmstp.exe [2023-08-04] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk [2019-03-11]
ShortcutTarget: RT-Updater.lnk -> C:\Ross-Tech\VCDS\VCDS.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {4DEC7650-310B-4175-A5E1-65E4706611EB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {9B72AB73-C3DD-4CEA-ABD9-81396CF0D582} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {375A3051-AC4D-48A0-8F6D-E494ABB0B2A9} - System32\Tasks\Elcomsoft\Elcomsoft Updater Autostart => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {C179BDA7-4F8F-4F8C-B9B6-6EACA810AC9B} - System32\Tasks\Elcomsoft\Elcomsoft Updater Show => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {FD0BCE2D-A343-4150-8896-C1FBAEABB11A} - System32\Tasks\Elcomsoft\Elcomsoft Updater Terminate => C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Updater\updater-launcher.exe [372320 2018-09-05] (Elcomsoft s.r.o. -> Elcomsoft)
Task: {A8A04081-6517-453B-86BE-DFCB60D20F43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-27] (Google Inc -> Google Inc.)
Task: {74F38714-DCA9-482E-AD4C-62E991D81601} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-27] (Google Inc -> Google Inc.)
Task: {C0B543FA-F7A1-47B0-BF2E-161C70D3DACB} - System32\Tasks\McAfee OEM Subscription job => \\?\C:\Program Files\McAfee\WPS\SubscriptionJob\mc-oem-subjob.exe [1986072 2023-08-03] (McAfee, LLC -> McAfee, LLC)
Task: {4E4FFE76-8568-479C-AA4B-C4B5EDFC8236} - System32\Tasks\McAfee\WPS\amwebapitriggertask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {BF374718-6380-4297-A37A-447D6837B58E} - System32\Tasks\McAfee\WPS\DAD.WPS.Execute.Updates => C:\Program Files\McAfee\WPS\1.11.184.1\dad\mc-dad.exe [4379528 2023-08-07] (McAfee, LLC -> McAfee, LLC)
Task: {B26D1454-D8D0-4666-A91E-A59E9D3AAC14} - System32\Tasks\McAfee\WPS\datupdatetask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {A3E8965F-9298-4996-BF7A-9CEC8CD36EA5} - System32\Tasks\McAfee\WPS\McAfee Sustainability => C:\Program Files\McAfee\WPS\1.11.184.1\sustainability\mc-sustainability.exe [785616 2023-08-07] (McAfee, LLC -> McAfee, LLC)
Task: {459F84AF-980F-40C0-88A2-B001477E7FB1} - System32\Tasks\McAfee\WPS\mcpcoscanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {2480B59B-3CE3-4E34-B009-9224797EC49D} - System32\Tasks\McAfee\WPS\NGMCadence => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {73D27EF3-8FE6-42F5-A7D4-7F726355FD05} - System32\Tasks\McAfee\WPS\odsscheduledtask => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D}
Task: {70BA6D37-F243-4417-BE44-A12B43E33317} - System32\Tasks\McAfee\WPS\systemrebootedtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {46F98F2B-0E43-40A2-A329-9EA31407FCC9} - System32\Tasks\McAfee\WPS\Update => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2}
Task: {B55ABF9C-5151-418D-8AF4-2A99896BAC05} - System32\Tasks\McAfee\WPS\WPSPush => \\?\C:\Program Files\McAfee\WPS\1.11.184.1\mc-wns-client\mc-wns-client.exe [802800 2023-08-07] (McAfee, LLC -> )
Task: {2FCC1405-B8BB-4D9A-B98A-75B1DA74D671} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656184 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7275E12-017E-48E4-A03D-AEA3CB09455D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656184 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CA09B7E-1DBB-4729-827A-32BCBBE888E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158656 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CCF862A-FE89-499A-B05C-670F04B5933C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158656 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C3E26AA-6904-4448-BD07-5C8EC2999A65} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {0FC98D76-9EC0-4A3A-B1B5-E8A391DCAF84} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {0FC98D76-9EC0-4A3A-B1B5-E8A391DCAF84} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {0FC98D76-9EC0-4A3A-B1B5-E8A391DCAF84} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {53729C35-7838-432C-A2AB-098B72D1A37B} - System32\Tasks\Microsoft\Windows\Chkdsk\CNHe-tiering-events => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [65440 2019-12-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\PROGRA~2\GENERI~1\XXIVER~1\DEVROM~1.DLL /nologo /unregister
Task: {749ACC8F-FCB4-4F15-8E70-466F61CAAD16} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {5266DA90-664A-4EA3-B7DF-B4777F0FB2DA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {C76C388F-5A28-4D95-A509-660D64CBA67A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {D9655014-B06C-40AF-8F27-24E5A1474C7F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Acceso Denegado]
Task: {8743FF16-EE3F-4FD8-A9DA-2DBF4A0AD508} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe  -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F732BE03-35D8-4F51-B26F-C545F4D3106E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe  do-task "308046B0AF4A39CB" (Ningún archivo)
Task: {3B46CC74-800C-4D2E-B288-7D2E34EC83B9} - System32\Tasks\PCDDataUploadTask => "uaclauncher.exe"  -lloc dataupload --ignoresecondarysplash --runsilently --skipidlewait (Ningún archivo)
Task: {85D642D5-C976-4C38-B87A-DA42BE974606} - System32\Tasks\Remove AdwCleaner Application => C:\WINDOWS\system32\CMD.EXE [289792 2023-05-05] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "C:\Users\David\Desktop\adwcleaner.exe"
Task: {B2CD7D28-DDC7-4E39-BE7A-C2D549F67969} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3DB109C4-2467-4132-8551-74F2DF5639A6} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {EA2424B0-7DEA-48E5-8534-5EFFF0ABFE88} - System32\Tasks\SystemToolsDailyTest => "uaclauncher.exe"  -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently (Ningún archivo)
Task: {AFA0C759-8175-460B-9096-506623E4C5F2} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\David\Desktop\adwcleaner.exe [8791352 2023-08-04] (Malwarebytes Inc. -> Malwarebytes)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.230.135.1 212.230.135.2
Tcpip\..\Interfaces\{05e87645-38d1-4a02-a165-b33cde195eca}: [DhcpNameServer] 172.18.11.1
Tcpip\..\Interfaces\{1c7d2606-8467-4a09-9b67-7eac93f909b4}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{8b17c222-ffb7-4986-b87f-5b2d6b8264b5}: [DhcpNameServer] 212.230.135.1 212.230.135.2
Tcpip\..\Interfaces\{b5b2aaf8-675d-4116-89b9-662e8a27c158}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ca8dd785-5e42-46fe-8fe0-479d65022cae}: [DhcpNameServer] 62.81.16.213 62.81.16.148
Tcpip\..\Interfaces\{d6a5bca9-e8ee-4d3b-9975-e4a47de3a098}: [DhcpNameServer] 62.81.16.213 62.81.16.148

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-08]
Edge Extension: (Edge relevant text changes) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-04]

FireFox:
========
FF DefaultProfile: llolf8er.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\llolf8er.default [2023-08-06]
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\rprqjlj3.default-release [2023-08-07]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\[email protected]
FF Extension: (PDF Architect 8 Creator) - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\[email protected] [2020-11-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\[email protected]
FF HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\David\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => no encontrado
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: PDF Architect 8 -> C:\Program Files\PDF Architect 8\np-previewer.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: PDF Architect 8 -> C:\Program Files (x86)\PDF Architect 8\np-previewer.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin HKU\S-1-5-21-456901426-2367040865-2536711323-1001: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\David\AppData\Roaming\ACEStream\player\npace_plugin.dll [Ningún archivo]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2023-08-08]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-08-06]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-06]
CHR Extension: (Menú de aplicaciones de Drive (de Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-06]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-06]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old [2023-08-07] <==== ATENCIÓN
CHR Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-08-03]
CHR Extension: (Google Docs Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-03]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-03]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-08-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-456901426-2367040865-2536711323-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-456901426-2367040865-2536711323-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo]
CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe]

Brave: 
=======
BRA Profile: C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-08-07]
BRA Extension: (McAfee® WebAdvisor) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-05-30]
BRA Extension: (SearchPreview) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2021-05-30]
BRA Extension: (Loom for Chrome) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2021-06-06]
BRA Extension: (Menú de aplicaciones de Drive (de Google)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-30]
BRA Extension: (Ace Script) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2021-05-30]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-05-30]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-06-07]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-05-30]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-06-06]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish)) - C:\Users\David\AppData\Local\BraveSoftware\Brave-Browser\User Data\pdecoifadfkklajdlmndjpkhabpklldh [2021-06-07]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11867104 2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S4 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-07-29] (Dropbox, Inc -> Dropbox, Inc.)
S4 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [38048 2019-03-15] (Dell Inc -> )
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S4 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1534976 2020-01-08] (Focusrite Audio Engineering Ltd.) [Archivo no firmado]
R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.11.184.1\mc-fw-host.exe [2306456 2023-08-07] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\WPS\1.11.184.1\mc-update.exe [5075888 2023-08-07] (McAfee, LLC -> McAfee, LLC)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [871752 2023-07-30] (McAfee, LLC -> McAfee, LLC)
S4 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.5.107.0\\McCSPServiceHost.exe [3384472 ] (McAfee, LLC -> McAfee, LLC)
S4 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [16847584 2023-05-17] (Native Instruments GmbH -> Native Instruments GmbH)
S4 PDF Architect 6; C:\Program Files\PDF Architect 6\ws.exe [2569976 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 6 Creator; C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe [832248 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 6 Update Service; C:\Program Files\PDF Architect 6\updater-ws.exe [1665272 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 8; C:\Program Files\PDF Architect 8\ws.exe [2731616 2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 8 Creator; C:\Program Files\PDF Architect 8\creator-ws.exe [628832 2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
S4 Realtek87L; C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [36864 2009-07-10] (Realtek) [Archivo no firmado]
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SafeConnectService; C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe [32144 2022-09-22] (McAfee, LLC -> McAfee, LLC.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [17845048 2023-07-31] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 DellClientManagementService; "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe" [X]
S4 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2023-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [97480 2016-11-16] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [101512 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S0 mfeelam; C:\WINDOWS\System32\DRIVERS\mfeelam.sys [18400 2023-08-07] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\WINDOWS\System32\DRIVERS\mfesec.sys [82696 2023-08-07] (McAfee, LLC -> McAfee, LLC)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RT-USB; C:\WINDOWS\system32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
S3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2020-02-05] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

FRST (parte 2)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-08-08 09:12 - 2023-08-08 09:13 - 000037795 _____ C:\Users\David\Desktop\FRST.txt
2023-08-08 09:10 - 2023-08-08 09:10 - 002384896 _____ (Farbar) C:\Users\David\Desktop\FRST64 (1).exe
2023-08-07 20:59 - 2023-08-07 20:59 - 000003302 _____ C:\WINDOWS\system32\Tasks\Remove AdwCleaner Application
2023-08-07 20:59 - 2023-08-07 20:59 - 000003284 _____ C:\WINDOWS\system32\Tasks\Uninstall AdwCleaner Application
2023-08-07 20:46 - 2023-08-07 20:46 - 000000000 ___HD C:\$WinREAgent
2023-08-07 12:34 - 2023-08-07 12:34 - 000000000 ____D C:\Users\David\Downloads\ProcessExplorer
2023-08-07 12:33 - 2023-08-07 12:33 - 003514508 _____ C:\Users\David\Downloads\ProcessExplorer.zip
2023-08-07 11:44 - 2023-08-07 11:46 - 000088672 _____ C:\Users\David\Downloads\Addition.txt
2023-08-07 11:43 - 2023-08-07 11:46 - 000075578 _____ C:\Users\David\Downloads\FRST.txt
2023-08-07 11:42 - 2023-08-08 09:13 - 000000000 ____D C:\FRST
2023-08-07 11:42 - 2023-08-07 11:42 - 002384896 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2023-08-07 11:27 - 2023-08-07 11:30 - 000015179 _____ C:\DT-kill.txt
2023-08-07 11:27 - 2023-08-07 11:27 - 000000000 ____D C:\_DT-Kill
2023-08-07 11:26 - 2023-08-07 11:26 - 000425747 _____ C:\Users\David\Downloads\DTKill.zip
2023-08-07 11:26 - 2023-08-07 11:26 - 000000000 ____D C:\Users\David\Downloads\DTKill
2023-08-07 11:12 - 2011-04-20 03:03 - 000120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMIKE.DLL
2023-08-07 11:12 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BIKE.DLL
2023-08-07 11:12 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2023-08-07 11:11 - 2023-08-07 11:11 - 021335616 _____ C:\Users\David\Downloads\epson514375eu.exe
2023-08-07 09:55 - 2023-08-07 09:55 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2023-08-07 09:53 - 2023-08-07 09:54 - 199672808 _____ (SUPERAntiSpyware) C:\Users\David\Downloads\SUPERAntiSpywarePro.exe
2023-08-06 18:22 - 2023-08-06 17:34 - 000000000 ____D C:\Windows.old
2023-08-06 18:19 - 2023-08-06 18:22 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-08-06 18:17 - 2023-08-06 18:19 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-08-06 18:17 - 2023-08-06 18:17 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-08-06 18:09 - 2023-08-06 18:09 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2023-08-06 18:09 - 2023-08-06 18:09 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-08-06 18:09 - 2023-08-06 18:09 - 000000000 ____D C:\Program Files\MSBuild
2023-08-06 18:09 - 2023-08-06 18:09 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-08-06 18:09 - 2023-08-06 18:09 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-08-06 17:37 - 2023-08-06 17:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2023-08-06 17:36 - 2023-08-06 17:36 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-08-06 17:34 - 2023-08-08 09:12 - 000004088 _____ C:\WINDOWS\system32\Tasks\McAfee OEM Subscription job
2023-08-06 17:34 - 2023-08-07 22:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-06 17:34 - 2023-08-07 12:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2023-08-06 17:34 - 2023-08-06 17:34 - 000003636 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-08-06 17:34 - 2023-08-06 17:34 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-06 17:34 - 2023-08-06 17:34 - 000003536 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2023-08-06 17:34 - 2023-08-06 17:34 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-08-06 17:34 - 2023-08-06 17:34 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-08-06 17:34 - 2023-08-06 17:34 - 000003312 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2023-08-06 17:34 - 2023-08-06 17:34 - 000003204 _____ C:\WINDOWS\system32\Tasks\PCDDataUploadTask
2023-08-06 17:34 - 2023-08-06 17:34 - 000003084 _____ C:\WINDOWS\system32\Tasks\SystemToolsDailyTest
2023-08-06 17:34 - 2023-08-06 17:34 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-456901426-2367040865-2536711323-1001
2023-08-06 17:34 - 2023-08-06 17:34 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-456901426-2367040865-2536711323-1001
2023-08-06 17:34 - 2023-08-06 17:34 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2023-08-06 17:34 - 2023-08-06 17:34 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2023-08-06 17:34 - 2023-08-06 17:34 - 000000020 ___SH C:\Users\David\ntuser.ini
2023-08-06 17:34 - 2023-08-06 17:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2023-08-06 17:34 - 2023-08-06 17:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-08-06 17:34 - 2023-08-06 17:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Elcomsoft
2023-08-06 17:31 - 2023-08-07 22:56 - 001772862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-06 17:30 - 2023-08-06 17:34 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2023-08-06 17:30 - 2023-08-06 17:34 - 000011433 _____ C:\WINDOWS\diagerr.xml
2023-08-06 17:27 - 2023-08-06 17:27 - 000000000 ____D C:\Users\defaultuser0\AppData\Roaming\Microsoft\Network
2023-08-06 17:27 - 2023-08-06 17:27 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2023-08-06 17:27 - 2023-08-06 17:27 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\SystemCertificates
2023-08-06 17:27 - 2023-08-06 17:27 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Network
2023-08-06 17:27 - 2023-08-06 17:27 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Crypto
2023-08-06 17:24 - 2023-08-06 17:34 - 000000000 ____D C:\Users\David
2023-08-06 17:24 - 2023-08-06 17:27 - 000000000 ____D C:\Users\defaultuser0
2023-08-06 17:24 - 2023-08-06 17:27 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows
2023-08-06 17:24 - 2023-08-06 17:24 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Reciente
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Plantillas
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Mis documentos
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Menú Inicio
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Impresoras
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Entorno de red
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mis vídeos
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mis imágenes
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mi música
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Datos de programa
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\Configuración local
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Historial
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Datos de programa
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Archivos temporales de Internet
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Reciente
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Plantillas
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Mis documentos
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Menú Inicio
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Impresoras
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Entorno de red
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Documents\Mis vídeos
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Documents\Mis imágenes
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Documents\Mi música
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Datos de programa
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\Configuración local
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\AppData\Local\Historial
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\AppData\Local\Datos de programa
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 _SHDL C:\Users\David\AppData\Local\Archivos temporales de Internet
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2023-08-06 17:24 - 2023-08-06 17:24 - 000000000 ____D C:\Program Files\Waves
2023-08-06 17:24 - 2019-12-07 11:31 - 000000000 ____D C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows
2023-08-06 17:22 - 2023-08-08 00:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-06 17:22 - 2023-08-07 22:52 - 005114192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-06 13:24 - 2023-08-07 14:03 - 000000000 ___DC C:\WINDOWS\Panther
2023-08-06 13:18 - 2023-08-06 13:24 - 000000000 ____D C:\ESD
2023-08-06 13:16 - 2023-08-06 13:16 - 000000000 ___HD C:\$Windows.~WS
2023-08-06 10:55 - 2023-08-06 11:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-08-06 10:52 - 2023-08-06 10:52 - 000002259 _____ C:\WINDOWS\epplauncher.mif
2023-08-04 14:18 - 2023-08-04 14:18 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-04 14:18 - 2023-08-04 14:18 - 000002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-04 14:17 - 2023-08-04 14:17 - 001372712 _____ (Google LLC) C:\Users\David\Downloads\ChromeSetup (2).exe
2023-08-04 13:36 - 2023-08-04 13:37 - 002606880 _____ (Malwarebytes) C:\Users\David\Downloads\MBSetup (1).exe
2023-08-04 13:15 - 2023-08-04 13:15 - 008791352 _____ (Malwarebytes) C:\Users\David\Desktop\adwcleaner.exe
2023-08-04 12:10 - 2023-08-04 12:10 - 000000000 ____D C:\WINDOWS\pss
2023-08-04 09:41 - 2023-08-04 09:41 - 056367416 _____ (Piriform Software Ltd) C:\Users\David\Downloads\ccsetup614_pro_trial.exe
2023-08-03 23:47 - 2023-08-03 23:47 - 000780358 _____ C:\Users\David\Documents\trasferencia Raquel171.pdf
2023-08-03 21:44 - 2023-08-03 21:44 - 000000000 ____D C:\Users\David\AppData\Local\mbam
2023-08-03 21:42 - 2023-08-03 21:42 - 002606880 _____ (Malwarebytes) C:\Users\David\Downloads\MBSetup.exe
2023-08-03 21:01 - 2023-08-06 12:43 - 000000098 _____ C:\Users\David\Desktop\Nuevo documento de texto (2).txt
2023-08-03 15:41 - 2023-08-03 15:41 - 095388616 _____ (McAfee, LLC) C:\Users\David\Downloads\McAfee_Malware_Cleaner.exe
2023-08-03 11:32 - 2023-08-03 16:28 - 000000000 ____D C:\Users\David\AppData\Local\LogMeIn Rescue Applet
2023-08-03 11:32 - 2023-08-03 15:41 - 000000000 ____D C:\Program Files (x86)\LogMeIn Rescue Applet
2023-08-02 11:07 - 2023-08-02 11:26 - 1896597490 ____R C:\Users\David\Downloads\BLACK MIRROR 6X3 ESP.mp4
2023-08-02 10:59 - 2023-08-06 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-07-29 23:20 - 2023-07-29 23:20 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-07-27 13:53 - 2023-07-27 13:53 - 053329624 _____ (Piriform Software Ltd) C:\Users\David\Downloads\ccsetup607.exe
2023-07-21 16:11 - 2023-07-21 16:15 - 000000000 ____D C:\Users\David\Desktop\Fotos camara Julia
2023-07-19 20:03 - 2023-07-19 20:03 - 000806874 _____ C:\Users\David\Downloads\Tema 5 rev.1 - 120 bpm.wav.reapeaks
2023-07-17 20:12 - 2023-07-17 20:12 - 090485052 _____ C:\Users\David\Downloads\Tema 5 rev.1 - 120 bpm.wav
2023-07-15 13:59 - 2023-07-15 13:59 - 001371176 _____ (Google LLC) C:\Users\David\Downloads\ChromeSetup (1).exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-08-08 09:12 - 2019-01-23 01:25 - 000000000 ____D C:\ProgramData\McAfee
2023-08-08 09:03 - 2023-05-05 14:27 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-08 09:03 - 2018-04-27 20:07 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-08 09:01 - 2022-12-09 11:10 - 000000000 ___RD C:\Users\David\OneDrive - Educantabria
2023-08-08 09:01 - 2021-08-16 15:14 - 000000000 ____D C:\Users\David\AppData\Roaming\Spotify
2023-08-08 09:01 - 2018-10-31 01:21 - 000000000 ____D C:\Users\David\AppData\Roaming\Dropbox
2023-08-08 09:01 - 2018-10-31 01:10 - 000000000 ____D C:\Users\David\AppData\Local\Dropbox
2023-08-08 09:01 - 2018-04-27 20:04 - 000000000 ___RD C:\Users\David\OneDrive
2023-08-08 09:01 - 2018-04-27 20:02 - 000000000 ___SD C:\Users\David\AppData\Roaming\Microsoft\Credentials
2023-08-08 09:00 - 2018-04-27 20:02 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles
2023-08-08 00:17 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-08 00:17 - 2018-04-27 22:16 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2023-08-07 22:56 - 2019-12-07 16:55 - 000790938 _____ C:\WINDOWS\system32\perfh00A.dat
2023-08-07 22:56 - 2019-12-07 16:55 - 000156274 _____ C:\WINDOWS\system32\perfc00A.dat
2023-08-07 22:56 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-07 22:52 - 2021-03-21 10:16 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-07 22:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-08-07 22:52 - 2018-04-18 19:06 - 000000000 ____D C:\Intel
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-07 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-07 22:51 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-07 21:02 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-07 18:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-07 18:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-07 16:04 - 2021-09-25 11:06 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-08-07 16:04 - 2021-09-25 11:06 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-08-07 16:04 - 2021-09-25 11:06 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-08-07 16:04 - 2021-09-25 11:06 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-08-07 14:03 - 2023-04-23 21:11 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2023-08-07 14:03 - 2020-06-22 20:48 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-08-07 13:50 - 2020-12-12 19:34 - 000000000 ____D C:\Program Files (x86)\Dell
2023-08-07 13:50 - 2018-04-18 18:55 - 000000000 ____D C:\ProgramData\Dell
2023-08-07 13:41 - 2018-10-16 23:10 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Word
2023-08-07 12:08 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-07 12:08 - 2018-06-24 18:14 - 000000000 ____D C:\ProgramData\Packages
2023-08-07 12:08 - 2018-05-22 01:11 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2023-08-07 12:07 - 2023-04-18 20:34 - 000082696 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfesec.sys
2023-08-07 12:07 - 2023-04-18 20:34 - 000018400 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeelam.sys
2023-08-07 11:53 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-08-07 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-08-07 11:12 - 2019-02-18 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2023-08-06 23:21 - 2022-11-09 11:27 - 000000000 ____D C:\Users\David\Desktop\Ana
2023-08-06 18:22 - 2023-04-18 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2023-08-06 18:22 - 2022-09-16 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2023-08-06 18:22 - 2022-09-13 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freac - free audio converter
2023-08-06 18:22 - 2022-09-13 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2023-08-06 18:22 - 2022-06-07 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoFirma
2023-08-06 18:22 - 2021-12-19 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FabFilter
2023-08-06 18:22 - 2021-12-05 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 8
2023-08-06 18:22 - 2021-11-07 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picto-Selector
2023-08-06 18:22 - 2021-10-14 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER
2023-08-06 18:22 - 2021-05-20 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2023-08-06 18:22 - 2021-04-03 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2023-08-06 18:22 - 2021-03-25 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2023-08-06 18:22 - 2020-11-21 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snap Inc
2023-08-06 18:22 - 2020-06-29 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MI
2023-08-06 18:22 - 2020-06-28 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2023-08-06 18:22 - 2020-06-24 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neural DSP
2023-08-06 18:22 - 2020-06-08 20:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2023-08-06 18:22 - 2020-06-04 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack
2023-08-06 18:22 - 2020-05-18 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite USB
2023-08-06 18:22 - 2020-05-18 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite Audio Engineering Ltd
2023-08-06 18:22 - 2020-05-08 08:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma
2023-08-06 18:22 - 2020-04-18 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2023-08-06 18:22 - 2020-04-10 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2023-08-06 18:22 - 2020-03-24 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-08-06 18:22 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-08-06 18:22 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-08-06 18:22 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2023-08-06 18:22 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-08-06 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-08-06 18:22 - 2019-06-21 09:40 - 000000000 ____D C:\Program Files\UNP
2023-08-06 18:22 - 2019-05-14 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK RTL8187 Wireless LAN Utility
2023-08-06 18:22 - 2019-05-07 12:32 - 000000000 ____D C:\WINDOWS\system32\RtlGina
2023-08-06 18:22 - 2019-03-11 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VCDS
2023-08-06 18:22 - 2019-03-09 01:02 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2023-08-06 18:22 - 2019-02-18 19:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
2023-08-06 18:22 - 2019-02-18 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2023-08-06 18:22 - 2018-10-18 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 6
2023-08-06 18:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-08-06 18:22 - 2018-07-16 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-06 18:22 - 2018-05-07 23:43 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2023-08-06 18:22 - 2018-04-27 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2023-08-06 18:22 - 2018-04-18 19:06 - 000000000 ____D C:\Program Files\AMD
2023-08-06 18:22 - 2018-04-18 18:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2023-08-06 18:22 - 2018-04-18 18:56 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2023-08-06 18:22 - 2018-04-18 18:56 - 000000000 ____D C:\Program Files\Intel
2023-08-06 18:22 - 2018-04-18 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2023-08-06 18:21 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2023-08-06 18:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2023-08-06 18:19 - 2023-05-16 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2023-08-06 18:19 - 2022-09-24 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STL Tonality
2023-08-06 18:19 - 2022-09-24 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STL Tones
2023-08-06 18:19 - 2021-04-03 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2023-08-06 18:19 - 2020-07-28 09:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plugin Boutique
2023-08-06 18:19 - 2020-05-21 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STL Ignite
2023-08-06 18:19 - 2020-05-18 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite
2023-08-06 18:19 - 2020-05-15 17:55 - 000000000 ____D C:\WINDOWS\Firmware
2023-08-06 18:19 - 2020-04-18 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2023-08-06 18:19 - 2020-04-07 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plugin Alliance
2023-08-06 18:19 - 2020-04-05 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ML Sound Lab
2023-08-06 18:19 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-08-06 18:19 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-08-06 18:19 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-08-06 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2023-08-06 18:19 - 2018-04-27 20:14 - 000000000 ____D C:\Program Files\Realtek
2023-08-06 18:19 - 2018-04-18 18:56 - 000000000 ____D C:\WINDOWS\system32\Intel
2023-08-06 18:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-08-06 18:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-08-06 17:51 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-08-06 17:35 - 2019-12-07 16:56 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-08-06 17:34 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2023-08-06 17:34 - 2018-05-22 01:16 - 000000000 ___RD C:\Users\David\3D Objects
2023-08-06 17:34 - 2016-10-26 16:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-08-06 17:28 - 2019-12-07 11:14 - 000000000 __RSD C:\WINDOWS\Media
2023-08-06 17:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2023-08-06 17:28 - 2018-05-22 01:14 - 000023892 _____ C:\WINDOWS\system32\emptyregdb.dat
2023-08-06 17:26 - 2021-12-27 22:03 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-08-06 17:26 - 2021-11-07 19:28 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2023-08-06 17:26 - 2020-04-18 10:17 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2023-08-06 17:26 - 2019-02-18 19:38 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
2023-08-06 17:26 - 2018-07-16 12:30 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-06 17:25 - 2022-09-13 11:21 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2023-08-06 17:25 - 2022-05-18 18:32 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power Tab Software
2023-08-06 17:25 - 2021-12-22 17:09 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VGL
2023-08-06 17:25 - 2019-12-07 11:14 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-08-06 17:25 - 2018-05-22 01:11 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2023-08-06 17:24 - 2018-04-27 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2023-08-06 17:24 - 2018-04-27 20:14 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2023-08-06 12:25 - 2018-09-08 01:05 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2023-08-06 12:02 - 2019-04-10 00:04 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2023-08-06 11:39 - 2018-10-05 11:15 - 000000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2023-08-06 11:04 - 2018-07-15 23:56 - 000000000 ____D C:\Torrents
2023-08-04 14:17 - 2020-06-28 12:16 - 000000000 ____D C:\Program Files\Google
2023-08-04 14:08 - 2016-07-16 13:47 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts_old
2023-08-04 13:19 - 2018-04-18 18:55 - 000000000 ____D C:\Program Files\Dell
2023-08-04 13:14 - 2020-06-22 20:48 - 000000000 ____D C:\Users\David\AppData\Roaming\TeamViewer
2023-08-04 11:01 - 2018-04-27 20:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-04 10:49 - 2018-04-27 20:40 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-04 10:02 - 2020-03-24 18:54 - 000001386 _____ C:\Users\Public\Desktop\Skype.lnk
2023-08-04 10:02 - 2020-03-24 18:54 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Skype for Desktop
2023-08-04 10:01 - 2021-03-25 23:55 - 000001059 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2023-08-04 10:01 - 2020-06-22 20:48 - 000000000 ____D C:\Users\David\AppData\Local\TeamViewer
2023-08-04 10:00 - 2020-05-31 12:19 - 000001146 _____ C:\Users\Public\Desktop\VLC media player.lnk
2023-08-04 09:59 - 2022-02-10 12:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-04 09:59 - 2018-07-16 12:30 - 000000000 ____D C:\Program Files\WinRAR
2023-08-04 00:12 - 2018-10-16 23:10 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Office
2023-08-03 19:42 - 2021-05-01 13:13 - 000000000 ____D C:\Users\David\AppData\Roaming\NCH Software
2023-08-03 19:42 - 2021-05-01 13:13 - 000000000 ____D C:\Program Files (x86)\NCH Software
2023-08-03 10:50 - 2021-08-16 15:14 - 000000000 ____D C:\Users\David\AppData\Local\Spotify
2023-08-02 11:48 - 2019-04-09 12:54 - 000000000 ____D C:\Users\David\AppData\Local\BitTorrentHelper
2023-08-02 10:59 - 2018-10-31 01:10 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-07-30 13:32 - 2018-10-16 23:07 - 000000000 ____D C:\Program Files\Microsoft Office
2023-07-30 13:27 - 2020-06-18 10:47 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-27 13:57 - 2019-02-10 20:13 - 000000000 ____D C:\Users\David\AppData\Roaming\DAEMON Tools Lite
2023-07-27 13:48 - 2022-08-27 11:43 - 000000000 ____D C:\Users\David\AppData\Local\ElevatedDiagnostics
2023-07-27 11:03 - 2019-08-28 17:59 - 000000000 ____D C:\Programas
2023-07-24 10:36 - 2018-07-01 17:41 - 000000000 ____D C:\Users\David\AppData\Local\PlaceholderTileLogoFolder
2023-07-19 20:51 - 2020-04-07 20:57 - 000000000 ____D C:\Users\David\Documents\REAPER Media
2023-07-17 20:12 - 2021-11-07 19:29 - 000000000 ____D C:\Users\David\Downloads\Telegram Desktop
2023-07-17 20:12 - 2021-11-07 19:28 - 000000000 ____D C:\Users\David\AppData\Roaming\Telegram Desktop

==================== Archivos en la raíz de algunos directorios ========

2020-10-29 20:00 - 2020-10-29 20:00 - 000000008 __RSH () C:\ProgramData\sysqcl1131236454.dat
2019-02-10 20:29 - 2017-10-23 23:05 - 000011290 _____ () C:\Users\David\AppData\Roaming\dwi.bmeth
2023-05-16 20:02 - 2023-05-16 20:03 - 000000016 _____ () C:\Users\David\AppData\Roaming\msregsvv.dll
2023-06-01 18:05 - 2023-06-01 18:18 - 000000132 _____ () C:\Users\David\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2019-02-10 20:29 - 2015-09-18 16:13 - 000937776 _____ (AutoIt Team) C:\Users\David\AppData\Roaming\wscript.exe
2019-01-14 13:15 - 2019-01-14 13:17 - 000534528 _____ (Dirección General de la Policía) C:\Users\David\AppData\Local\DNIeService.exe

==================== FLock ==============================

2018-05-21 23:32 C:\WINDOWS\UpdateAssistant

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Addition (parte 1)

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-08-2023
Ejecutado por David (08-08-2023 09:14:10)
Ejecutado desde C:\Users\David\Desktop
Microsoft Windows 10 Home Versión 22H2 19045.3271 (X64) (2023-08-06 15:34:42)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-456901426-2367040865-2536711323-500 - Administrator - Disabled)
David (S-1-5-21-456901426-2367040865-2536711323-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-456901426-2367040865-2536711323-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-456901426-2367040865-2536711323-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-456901426-2367040865-2536711323-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-456901426-2367040865-2536711323-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: McAfee (Disabled - Up to date) {17E6E93C-6841-5FC7-DEB8-480FDC929279}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {2624E002-54CC-27F9-FD39-B2DD14D41191}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee (Disabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{FE241076-B49A-4129-9DFD-08394BE497D7}) (Version: 4.54.110.4540 - Elcomsoft Co. Ltd.)
AMD Install Manager (HKLM\...\{8166070C-BAAC-6140-4F9D-D8DB556BA6C6}) (Version: 9.0.000.6 - Advanced Micro Devices, Inc.) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.6 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2020.0226.0415.7659 - Advanced Micro Devices, Inc.)
Amped - Roots version 1.2.2 (HKLM\...\Amped - Roots_is1) (Version: 1.2.2 - )
Aplicaciones de Microsoft 365 para empresas - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.16626.20134 - Microsoft Corporation)
Apple Application Support (32 bits) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Archetype Nolly (HKLM\...\{923A067F-9829-4DC4-AEF5-86E1DE61201B}) (Version: 2.0.0 - Neural DSP)
Archetype Nolly version 1.0.1 (HKLM\...\Archetype Nolly_is1) (Version: 1.0.1 - Neural DSP)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22402 - Microsoft Corporation)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.7.2 - Gobierno de España)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Dell Digital Delivery Services (HKLM-x32\...\{4E63542A-F61E-4A6C-9732-13F3425C1758}) (Version: 4.0.34.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{AAB336F0-6FC6-4BFE-AD7E-315FCDF20156}) (Version: 1.1.3750 - Screenovate Technologies Ltd.)
Dell Update for Windows Universal (HKLM\...\{B5318AB2-185E-408A-8ABE-0EDA416E92DB}) (Version: 4.9.0 - Dell Inc.)
Desinstalar impresora EPSON XP-302 303 305 306 Series (HKLM\...\EPSON XP-302 303 305 306 Series) (Version:  - SEIKO EPSON Corporation)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dropbox (HKLM-x32\...\Dropbox) (Version: 179.4.4985 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.761.1 - Dropbox, Inc.) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.11.9.2259 - Steinberg Media Technologies GmbH)
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
Epson Manual de red EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
FabFilter Total Bundle (HKLM\...\FabFilter Total Bundle_is1) (Version: 2020.6 - FabFilter & Team V.R)
Focusrite Control 3.5.0.1754 (HKLM\...\Focusrite Control_is1) (Version: 3.5.0.1754 - Focusrite Audio Engineering Ltd.)
Focusrite Thunderbolt 4.25.0.335 (HKLM\...\Focusrite Thunderbolt_is1) (Version: 4.25.0.335 - Focusrite Audio Engineering Ltd.)
Focusrite USB 4.63.24.564 (HKLM\...\Focusrite USB_is1) (Version: 4.63.24.564 - Focusrite Audio Engineering, Ltd.)
Fortin Nameless Suite (HKLM\...\{45AD9FBA-8E6B-4F7E-880D-A7C1F40A3796}) (Version: 3.0.1 - Neural DSP)
fre:ac v1.1.7 (HKLM\...\fre:ac v1.1.7) (Version: 1.1.7 - )
Freemake Audio Converter versión 1.1.9 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.171 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 79.0.2.0 - Google LLC)
IK Multimedia AmpliTube 5 (HKLM\...\AmpliTube 5_is1) (Version: 5.5.3 - IK Multimedia)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{09DAB6B6-FBEF-4AC5-AE93-BFF01A0B796D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B557A9A1-D64B-43D7-B598-F7BAAE897CF3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3479FCE3-F7D2-4980-819A-767941440932}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{EBE12EC7-60DF-41C2-AAC8-0B2586F15C96}) (Version: 15.2.0.1020 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{FBC819D6-78B6-49AB-931E-3D127D43BE64}) (Version: 30.100.1725.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Manual de funcionamiento básico EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Bog) (Version:  - )
Manual de usuario EPSON XP-302 303 305 306 Series (HKLM-x32\...\EPSON XP-302 303 305 306 Series Useg) (Version:  - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
McAfee (HKLM\...\McAfee.WPS) (Version: 1.11.184.1 - McAfee, LLC)
McAfee Safe Connect (HKLM-x32\...\{82D8F05E-9F97-415F-8622-C65C6759EFC6}) (Version: 2.16 - McAfee, LLC.) Hidden
McAfee Safe Connect (HKLM-x32\...\{a6cf057b-0e6f-4367-9afe-6aeb5a6ca5a5}) (Version: 2.16 - McAfee, LLC.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Teams) (Version: 1.6.00.6754 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B81577B2-3AD0-4AFD-A19C-87F673C09D0C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{62678770-F459-4903-83E3-A2968F6CC242}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
MIKKO (HKLM\...\{9777DB55-E2DB-4F00-9B32-4854642EAF51}) (Version: 1.2.0 - ML Sound Lab)
MIKKO2 (HKLM\...\{C8D0C8DE-D768-4F18-92B3-03CC23F21CF2}) (Version: 2.0.8 - ML Sound Lab)
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 102.0.1 (x64 es-ES)) (Version: 102.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0.1 - Mozilla)
Mp3tag v3.17 (HKLM\...\Mp3tag) (Version: 3.17 - Florian Heidenreich)
Native Access 3.4.0 (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.4.0 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.2.8 - Native Instruments)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.7.1.0 - Native Instruments)
Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.12.0.0 - Native Instruments)
Neural DSP Archetype Cory Wong (HKLM\...\Archetype Cory Wong_is1) (Version: 1.0.0 - Neural DSP)
Neural DSP Archetype Gojira (HKLM\...\Archetype Gojira_is1) (Version: 1.0.0 - Neural DSP)
Neural DSP OMEGA Ampworks Granophyre (HKLM\...\OMEGA Ampworks Granophyre_is1) (Version: 1.0.0 - Neural DSP)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.3 - OBS Project)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
PACE License Support Win64 (HKLM\...\{CDDC4CA3-FBF0-46c3-8EB1-B001EA7FDA55}) (Version: 5.2.1.3096 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{CDDC4CA3-FBF0-46c3-8EB1-B001EA7FDA55}) (Version: 5.2.1.3096 - PACE Anti-Piracy, Inc.)
Paquete de controladores de Windows - Ross-Tech HIDClass  (02/13/2014 6.3.0.2) (HKLM\...\5E356C0921BECEC7743BAC21F6B7A5775044AFC0) (Version: 02/13/2014 6.3.0.2 - Ross-Tech)
Paquete de controladores de Windows - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech)
Parallax (HKLM\...\{F65DF0A2-68AA-41DA-82C0-93E762A2D170}) (Version: 2.0.1 - Neural DSP)
PDF Architect 6 (HKLM-x32\...\PDF Architect 6) (Version: 6.1.19.842 - pdfforge GmbH)
PDF Architect 6 Create Module (HKLM\...\{A0ACB885-7CDD-4E43-9109-E49CF70E4039}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 Edit Module (HKLM\...\{FC39343C-732F-433E-9929-F9D08BA73792}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 View Module (HKLM\...\{7FFD0E0F-478A-4393-BBB0-4B20FAF5F3B7}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 8 Edit Module (HKLM\...\{C0F370AC-91F0-4AF0-8974-E61F91830082}) (Version: 8.0.56.12577 - pdfforge GmbH)
PDF Architect 8 OCR Module (HKLM\...\{EA02E09A-24BE-4B80-BDE5-FA227FDE8C19}) (Version: 8.0.56.12577 - pdfforge GmbH)
PDF Architect 8 OCR TESS Module (HKLM\...\{C77539BB-2983-4F47-815E-CABBC27EEFC4}) (Version: 8.0.56.12577 - pdfforge GmbH)
PDF Architect 8 View Module (HKLM\...\{742A4199-7DB6-4830-95C4-570D5CB709AF}) (Version: 8.0.56.12577 - pdfforge GmbH)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Picto-Selector 1.8 (HKLM-x32\...\{8032E8DE-1764-4F00-B19E-EF2DBBDB649B}_is1) (Version:  - M.C. van der Kooij)
Pixillion, convertidor de archivos de imagen (HKLM-x32\...\Pixillion) (Version: 10.20 - NCH Software)
Plugin Boutique Scaler 2 (HKLM\...\Scaler 2_is1) (Version: 2.0.6 - Plugin Boutique)
Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
Pulse Application Launcher (HKLM-x32\...\{A06B0A43-5108-43AE-9C97-4D73AE1A0F78}) (Version: 9.0.1151 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Pulse_Setup_Client) (Version: 9.0.2.1151 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10480 - Qualcomm)
Qualcomm Unified Wireless Suite (HKLM-x32\...\{6CFE6F33-3D69-4B9C-AA20-FF1F8CB064D5}) (Version: 11.0.0.10394 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.50.511.2021 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11213 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0125 - REALTEK Semiconductor Corp.)
REAPER (HKLM-x32\...\REAPER) (Version:  - )
REAPER (x64) (HKLM\...\REAPER) (Version: 6.79 - Cockos Incorporated)
Sigma version 1.0.2 (HKLM\...\Sigma_is1) (Version: 1.0.2 - )
Skype versión 8.100 (HKLM-x32\...\Skype_is1) (Version: 8.100 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks)
Snap Camera 1.10.0 (HKLM-x32\...\{024A6CF5-627D-497F-980B-B9A6EC5C40AF}_is1) (Version: 1.10.0 - Snap Inc.)
Soporte para el iPod (HKLM\...\{E8676067-68D7-483A-BC2B-A7FF808077E2}) (Version: 120.7.3.55 - Apple Inc.)
Spotify (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\Spotify) (Version: 1.1.89.862.g94554d24 - Spotify AB)
Steinberg Cubase 10.0.40 Pro RC3 (HKLM\...\{14EF9A03-484C-4A5A-B91F-02634DC911A5}) (Version: RC3 - Team DC - V.R- Zaka1 - Mono 2020®)
STL Ignite Libra (HKLM\...\Libra_is1) (Version: 1.2.0 - STL Ignite)
STL Tonality Andy James (HKLM\...\Andy James_is1) (Version: 1.0.1 - STL Tonality)
STL Tones STL Tonality - Howard Benson (HKLM\...\STL Tonality - Howard Benson_is1) (Version: 1.0.2b - STL Tones)
Superior Drummer 3 64-bit (HKLM\...\{601B23D3-45DC-4B2B-BAEB-FACA2F9A3656}) (Version: 3.0.1 - Toontrack)
Tales Of Monkey Insland Gold (HKLM-x32\...\Tales Of Monkey Insland Gold) (Version:  - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.2781 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.44.5 - TeamViewer)
Telegram Desktop (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.8.1 - Telegram FZ-LLC)
Toontrack EZdrummer 2.1.8 (HKLM\...\EZdrummer_is1) (Version: 2.1.8 - Toontrack & Team V.R)
Toontrack Superior Drummer 3.1.7 (HKLM\...\Superior Drummer 3_is1) (Version: 3.1.7 - Toontrack & Team V.R)
TP-Link PLC Utility (HKLM-x32\...\{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.3960.1 - TP-Link) Hidden
TP-Link PLC Utility (HKLM-x32\...\InstallShield_{88BC1EEA-0E0D-4016-B892-5FE92C01845A}) (Version: 2.3.3960.1 - TP-Link)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{CC1FE5D3-78A8-4EC4-AB83-B5EF8DC4118D}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
VCDS Release 15.7.1 (HKLM-x32\...\VCDS Release) (Version: 15.7.1 - Ross-Tech)
VGL (HKLM-x32\...\{9B4E0A2E-9475-4D0F-ACBD-D73727C1D51A}) (Version: 1.0 - TSC)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.827 - McAfee, LLC)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)
Xiaomi Cloud (HKLM\...\dbd7cffb-9b67-55a5-b1a3-aabba639e500) (Version: 1.0.16 - 小米科技有限责任公司)
Zoom (HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2022-08-15] (Autodesk Inc.)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-15] (Microsoft Corporation)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.64.0_x64__htrsf667h5kn2 [2023-02-14] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.9.14.0_x86__htrsf667h5kn2 [2023-05-15] (Dell Inc)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-06-08] (Apple Inc.) [Startup Task]
McAfee® Security -> C:\Program Files\McAfee\WPS\1.11.184.1 [2023-08-07] ()
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-08-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-08-06] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-08-15] (Netflix, Inc.)
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2023.508.1.0_x64__8kea50m9krsh2 [2023-05-22] (Code Spark)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.607.100_x64__8wekyb3d8bbwe [2023-06-15] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-21] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2330.7.0_x64__cv1g1gvanyjgm [2023-08-03] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-07-19] (Microsoft Corp.)
WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-08-07] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-07-27] (Microsoft Corp.)
Windows App Runtime DDLM 2000.802.31.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x6_2000.802.31.0_x64__8wekyb3d8bbwe [2023-07-19] (Microsoft Corporation)
Windows App Runtime DDLM 2000.802.31.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x8_2000.802.31.0_x86__8wekyb3d8bbwe [2023-07-19] (Microsoft Corporation)
Windows App Runtime DDLM 3000.882.2207.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x6_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-08-07] (Microsoft Corporation)
Windows App Runtime DDLM 3000.882.2207.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x8_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-08-07] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{04271989-C4D2-4135-C564-1FD9BCC03C8A} -> [OneDrive - Educantabria] => C:\Users\David\OneDrive - Educantabria [2022-12-09 11:10]
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23061.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\David\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-456901426-2367040865-2536711323-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\David\Dropbox [2018-10-31 01:23]
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.11.184.1\mc-ctxmnu.dll [2023-08-07] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [PDFArchitect6_ManagerExt] -> {6508EEA0-C540-4420-AF21-64937A1536D0} => C:\Program Files\PDF Architect 6\context-menu.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFArchitect8_ManagerExt] -> {DDD1CFB8-3C9C-4269-B905-43CC309D569E} => C:\Program Files\PDF Architect 8\context-menu.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-07-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-07] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxDTCM.dll [2020-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.11.184.1\mc-ctxmnu.dll [2023-08-07] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2019-12-04 03:49 - 2019-12-04 03:49 - 000017920 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 003567616 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-02-26 05:05 - 2020-02-26 05:05 - 001518592 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2016-09-19 20:36 - 2016-09-19 20:36 - 002640896 _____ (Atheros Communications) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\DiagAPI.dll
2016-09-19 20:36 - 2016-09-19 20:36 - 000250880 _____ (Quacomm Atheros, Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\DCWlan.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\ipc.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\TCPConnection.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\awic\utils.dll
2016-09-19 20:38 - 2016-09-19 20:38 - 000153600 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\en-US\AWiCDiag.dll.mui
2016-09-19 20:35 - 2016-09-19 20:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\ipc.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\TCPConnection.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ihvs\utils.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\ipc.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000129024 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\ipc.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\TCPConnection.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\spectral\utils.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000124928 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\TCPConnection.dll
2016-09-19 20:35 - 2016-09-19 20:35 - 000244736 _____ (Qualcomm Atheros, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm\Qualcomm Unified Wireless Suite\utils.dll
2005-01-13 11:47 - 2005-01-13 11:47 - 000049152 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ESPSUTL.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000206336 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScnCom10.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000082944 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScnEps25.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000055808 _____ (SEIKO EPSON CORP.) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScnMgr10.dll
2011-11-25 18:47 - 2011-11-25 18:47 - 000110080 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2011-04-14 10:16 - 2011-04-14 10:16 - 000136704 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\ScanEngine30.dll
2019-02-18 19:39 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enppmon.dll
2019-02-18 19:39 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enpres.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000031744 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000039424 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000031744 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000413696 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000025088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000025088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000023552 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000519168 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 001431040 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 001180672 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000135680 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-02-26 04:13 - 2020-02-26 04:13 - 006010880 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 006345216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 001078272 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000313856 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 004000256 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 003802624 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000171008 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 001083904 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000205312 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000329728 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000113152 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-12-04 03:48 - 2019-12-04 03:48 - 000376320 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 092323328 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 005560832 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000463360 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000188416 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 002888704 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000053760 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000059392 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000017408 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000287232 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000329216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000136192 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000089088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000312320 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-12-04 03:49 - 2019-12-04 03:49 - 000017920 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-02-26 04:13 - 2020-02-26 04:13 - 000085504 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

Addition (parte 2)

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\David Lozano - Portafolio Prácticum AL.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Downloads\ChromeSetup (2).exe:MBAM.Zone.Identifier [406]
AlternateDataStreams: C:\Users\David\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\David\Downloads\MediaCreationTool22H2.exe:MBAM.Zone.Identifier [184]
AlternateDataStreams: C:\Users\David\Downloads\MSEInstall.exe:MBAM.Zone.Identifier [184]
AlternateDataStreams: C:\Users\David\Downloads\Vídeo día del libro Julia.mp4:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Documents\SEMANA 1 (prácticas AL).docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\David\Documents\SEMANA 2 (prácticas AL).docx:com.dropbox.attrs [54]

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
BHO: PDF Architect 8 Helper -> {158C3474-46E4-49FB-9767-45B6B62BF2FF} -> C:\Program Files\PDF Architect 8\creator\plugins\IEAddin\creator-ie-helper.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
BHO: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: PDF Architect 8 Helper -> {158C3474-46E4-49FB-9767-45B6B62BF2FF} -> C:\Program Files (x86)\PDF Architect 8\creator\plugins\IEAddin\creator-ie-helper.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
Toolbar: HKLM - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Toolbar: HKLM - PDF Architect 8 Toolbar - {20DAE01A-E7B4-4499-8CB5-5939490F25A0} - C:\Program Files\PDF Architect 8\creator\plugins\IEAddin\creator-ie-plugin.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 8 Toolbar - {20DAE01A-E7B4-4499-8CB5-5939490F25A0} - C:\Program Files (x86)\PDF Architect 8\creator\plugins\IEAddin\creator-ie-plugin.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-30] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\line6.net -> line6.net
IE trusted site: HKU\S-1-5-21-456901426-2367040865-2536711323-1001\...\sharepoint.com -> hxxps://educantabria-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2016-07-16 13:47 - 2023-08-06 11:18 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-456901426-2367040865-2536711323-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-456901426-2367040865-2536711323-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\backgroundDefault.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: Dell Digital Delivery Services => 2
MSCONFIG\Services: DellClientManagementService => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: esifsvc => 2
MSCONFIG\Services: Focusrite Control Server => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NTKDaemonService => 2
MSCONFIG\Services: PaceLicenseDServices => 2
MSCONFIG\Services: PDF Architect 6 => 3
MSCONFIG\Services: PDF Architect 6 Creator => 2
MSCONFIG\Services: PDF Architect 6 Update Service => 2
MSCONFIG\Services: PDF Architect 8 => 3
MSCONFIG\Services: PDF Architect 8 Creator => 3
MSCONFIG\Services: Realtek87L => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SafeConnectService => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WavesSysSvc => 2

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{261DBF91-BDD2-48FB-AAD5-F33F8460A674}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AD7B6211-92D4-4026-9871-93B00DCBED8D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{82DCFCAE-A66F-4F33-9E0A-FC589D5825D2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97A5FCED-2F0D-42AB-9506-BEA277C3D1F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6E492E1-458F-4573-8CF5-ADC0FFBC9BDD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6F7F375-04F5-4A0B-9F95-418886908FC7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6C4AB28B-94D2-49C6-85F3-740081ABEF4E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5734C039-428F-4091-9C10-5E68DC629BFA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{BA5C7F63-5441-4D59-A99A-B4DFD5A48764}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{CBA89FB7-9692-4C9A-B8BC-492B1381751D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{58983AC0-601C-41EA-992E-5E54B88FF0CB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CE4951E4-3D8F-4F48-AAC3-4B6D219F1DEC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{89F352C3-AAB3-4107-A0F6-26662ED285CB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D3891B8-D2D9-4555-9166-36D6FB8EE8EF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B45080F9-6B42-49EF-A681-A82FB491B7C8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{072767D2-2103-4096-9187-192CD87ADE22}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{5F513007-CCF3-417E-B19F-510F54CA76D7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{853CF49B-FBD1-44B1-8702-E2666A4BEB1C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B55379C0-F647-4E65-BFCF-55CBF0E59C42}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{BF2B48B6-BF9B-46E4-B46F-54A068CA7A9B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7A49C836-C121-42E4-8C77-6C521A8BFADE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B1AF5D4D-2912-41F8-9889-71F3293848D6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{60392A20-E6DB-4DB0-92A0-2B8109C6714B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{058F0B1C-46BA-4416-93C6-B24F4942CF4C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F159EABD-1B82-404B-87F6-4AA621473A9A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9F207A1B-844B-4A99-81E4-71122E1319C8}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{59BF128E-7C7B-4010-B266-DF4F6EDEEDAC}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5C84F87C-FE44-47B1-AFC3-EA5F6D8AC680}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{ED4767CE-6C2E-4DAF-A300-9035DB4BA7B3}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9330EE2B-012A-4439-ACA2-35851203600B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Ningún archivo
FirewallRules: [{AD86CE3F-3164-4F59-91F3-AC395E7DD6F3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Ningún archivo
FirewallRules: [{99CE0C91-63AE-471B-BF52-337567C333E0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CCE650AB-7AD0-4091-9613-242FE3CA5FCE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E918BFBF-92E8-4A0F-9C47-493D5BA76BB3}] => (Allow) C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe (Focusrite Audio Engineering Ltd.) [Archivo no firmado]
FirewallRules: [{5D1163DD-CD2A-4FF9-A277-F3D1CDE92D25}] => (Allow) LPort=53
FirewallRules: [{E173F94D-5E66-4E77-A9B2-30D49BF22315}] => (Allow) LPort=1542
FirewallRules: [{16CEF79A-85CF-4E0D-B0D0-585350191575}] => (Allow) LPort=1542
FirewallRules: [{D7D534DF-D2D2-4766-AC31-DBE6199E8E33}] => (Allow) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Archivo no firmado]
FirewallRules: [{56040C8C-B7B4-46E3-B161-757062373297}] => (Allow) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Archivo no firmado]
FirewallRules: [{F422BCE0-EF09-4B7C-9436-07CD3ABD0406}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{9DFCD113-0851-4E1E-A202-D40CE62076C8}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{901315B2-5259-4D94-B732-DD022277B237}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{8194FC41-AFBC-434F-A9B4-5967D108537D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{2E1B09BA-8FA6-450F-A7D9-386E1D611FD0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41BA781B-1EA1-49AD-A615-0E0B396D115A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{625A9F40-520B-4872-A862-2668F44F0908}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5FCF399C-917D-4BB9-B5FF-89E6181D2ACD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1F36858C-9F7B-40DD-9471-06D75D1D48DD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{114BCCEB-8405-4AF6-895A-D32AB135F7BB}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{6C211ACA-E16D-46EE-A7CC-95A91804CF87}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Ningún archivo
FirewallRules: [{E6DAE4C4-CE29-4B1A-BD04-178F4877B2B1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{F4F91559-B9F3-4224-90AC-510472B55B90}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Ningún archivo
FirewallRules: [{B4030E73-0772-46C4-8833-9CDA03676263}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{A1F80FE7-479A-46EB-8AF4-42DE3C12C820}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe => Ningún archivo
FirewallRules: [{F40026A9-E2DE-4271-B6C0-842EAD9BD618}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => Ningún archivo
FirewallRules: [{AD8BA9F2-1779-4DCE-AFB1-F32945BA8C6E}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe => Ningún archivo
FirewallRules: [{B6F48DC1-968A-4CBB-932D-D65E2E611A74}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe => Ningún archivo
FirewallRules: [{BB685763-EFD5-48E3-801F-B52D106DD6EB}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0669E336-67D6-41E8-B59F-1C8524D9FAB6}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0DCB722E-AD67-4DA7-8A6B-641CB8C90A36}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (08/08/2023 09:01:19 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: SafeConnect.Entry.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en SafeConnect.Core.APP.Utils.PolicyManager+<LoadPolicy>d__10.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<AppSettingsInitialization>d__29.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<OnStartup>d__27.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.DispatcherOperation.InvokeImpl()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Windows.Threading.DispatcherOperation.Invoke()
   en System.Windows.Threading.Dispatcher.ProcessQueue()
   en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   en System.Windows.Application.RunDispatcher(System.Object)
   en System.Windows.Application.RunInternal(System.Windows.Window)
   en <Module>.StartupRun()

Error: (08/07/2023 10:53:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: SafeConnect.Entry.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en SafeConnect.Core.APP.Utils.PolicyManager+<LoadPolicy>d__10.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<AppSettingsInitialization>d__29.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<OnStartup>d__27.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.DispatcherOperation.InvokeImpl()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Windows.Threading.DispatcherOperation.Invoke()
   en System.Windows.Threading.Dispatcher.ProcessQueue()
   en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   en System.Windows.Application.RunDispatcher(System.Object)
   en System.Windows.Application.RunInternal(System.Windows.Window)
   en <Module>.StartupRun()

Error: (08/07/2023 08:56:59 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (08/07/2023 02:05:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: SafeConnect.Entry.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en SafeConnect.Core.APP.Utils.PolicyManager+<LoadPolicy>d__10.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<AppSettingsInitialization>d__29.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<OnStartup>d__27.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.DispatcherOperation.InvokeImpl()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Windows.Threading.DispatcherOperation.Invoke()
   en System.Windows.Threading.Dispatcher.ProcessQueue()
   en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   en System.Windows.Application.RunDispatcher(System.Object)
   en System.Windows.Application.RunInternal(System.Windows.Window)
   en <Module>.StartupRun()

Error: (08/07/2023 11:31:44 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: SafeConnect.Entry.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en SafeConnect.Core.APP.Utils.PolicyManager+<LoadPolicy>d__10.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<AppSettingsInitialization>d__29.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(System.Threading.Tasks.Task)
   en System.Runtime.CompilerServices.TaskAwaiter.GetResult()
   en SafeConnect.Core.APP.App+<OnStartup>d__27.MoveNext()
   en System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.DispatcherOperation.InvokeImpl()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Windows.Threading.DispatcherOperation.Invoke()
   en System.Windows.Threading.Dispatcher.ProcessQueue()
   en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   en System.Windows.Application.RunDispatcher(System.Object)
   en System.Windows.Application.RunInternal(System.Windows.Window)
   en <Module>.StartupRun()

Error: (08/07/2023 11:27:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: sihost.exe, versión: 10.0.19041.746, marca de tiempo: 0x0ead4601
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.3155, marca de tiempo: 0xbf300201
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000012d8b2
Identificador del proceso con errores: 0xf1c
Hora de inicio de la aplicación con errores: 0x01d9c91167531299
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\sihost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 51d948bb-69f3-43af-a1ec-8a2cee8890b6
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/07/2023 11:27:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: sihost.exe, versión: 10.0.19041.746, marca de tiempo: 0x0ead4601
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.3155, marca de tiempo: 0xbf300201
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000012d8b2
Identificador del proceso con errores: 0x1d28
Hora de inicio de la aplicación con errores: 0x01d9c91165ee5f09
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\sihost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: facb49ab-c754-4877-984b-f51dbbc70370
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/07/2023 11:27:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: sihost.exe, versión: 10.0.19041.746, marca de tiempo: 0x0ead4601
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.3155, marca de tiempo: 0xbf300201
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000012d8b2
Identificador del proceso con errores: 0x2acc
Hora de inicio de la aplicación con errores: 0x01d9c91164880a65
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\sihost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: fc50de57-4189-45db-9619-a9022894711a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (08/08/2023 12:17:47 AM) (Source: volsnap) (EventID: 25) (User: )
Description: Se eliminaron las instantáneas del volumen C: porque el almacenamiento de instantáneas no se completó a tiempo. Considere reducir la carga de E/S en el sistema o elija un volumen de almacenamiento de instantáneas del que no se esté haciendo una instantánea.

Error: (08/07/2023 10:53:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio mc-fw-host.

Error: (08/07/2023 02:03:08 PM) (Source: DCOM) (EventID: 10000) (User: WINDELL-14BP45B)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"2147942767"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (08/07/2023 01:50:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (08/07/2023 01:50:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AtherosSvc se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (08/07/2023 01:50:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Waves Audio Services se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (08/07/2023 01:50:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (08/07/2023 01:50:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio SAS Core Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.


CodeIntegrity:
===============
Date: 2023-08-08 09:07:52
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\WPS\1.11.184.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements.

Date: 2023-08-08 09:07:38
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\WPS\1.11.184.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: Dell Inc. 1.2.8 05/22/2019
Placa base: Dell Inc. 05VRRG
Procesador: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
Porcentaje de memoria en uso: 32%
RAM física total: 16282.63 MB
RAM física disponible: 10924.77 MB
Virtual total: 19866.63 MB
Virtual disponible: 13693.59 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:237.03 GB) (Free:30.3 GB) (Model: SanDisk X400 2.5 7MM 256GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:0.61 GB) (Model: SanDisk X400 2.5 7MM 256GB) FAT32

\\?\Volume{90f9eb0c-405f-4d71-a3e3-654cb83357d6}\ (WinRE) (Fixed) (Total:0.39 GB) (Free:0.38 GB) NTFS
\\?\Volume{6d2271ac-5bc7-4adf-91a7-ff6d798a283f}\ () (Fixed) (Total:0.83 GB) (Free:0.27 GB) NTFS
\\?\Volume{b27b9f3f-ebb0-4f97-bd09-77138d8fb90e}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

Nadie me puede ayudar?

Creo que voy a tener que formatear el ordenador…

Hola buenas @Davidian, bienvenido foro. Al ser nuevo te recomiendo que te leas las políticas de este. No porque hayas hecho nada mal, sino para saber más acerca del funcionamiento de este.

He revisado muy rápidamente tus logs así a ojo y más menos ya tengo localizados los puntos donde se aloja y carga el malware en tu sistema. He visto que has intentado usar DTKILL, buen intento, pero… a esta versión que tienes del malware no lo podrás eliminar de esta forma.

Armar el script entero al 100 x 100 de mi parte requiere algo de tiempo… Dime:

¿Sigues necesitando ayuda acerca del problema qué comentaste inicialmente en este tema? Si es así te armo el Script.

Si es así, dímelo y atenderé tu caso.

Salu2.

Muy buenas Marr0n. Efectivamente sigo necesitando ayuda. El tiempo que te lleve no te precupes. Muchas gracias por ayudarme!!