Me uno al club de la doble tilde

Eliminar Malwares
1

hola buenas tardes a todos.

me llamo manu,llevaba mucho tiempo sin entrar al foro,tanto seria que el equipo me reconocia la cuenta y contraseña pero al ir a entrar,me decian que no reconocian mi cuenta/usuario. nada ,me he vuelto a registrar.

me uno al club de la doble tilde,pensando que era un fallo del teclado hasta que me dio por buscar… malbarebytes y superAntispyware parecen pararlo un rato,pero vuelve y ya no vuelven a detectarlo.(los gratis claro esta)

he pasado para adelantar FRST y aqui pego lo que me dice…

si me podeis ayudar a elminar este virus,por favor,os lo agradeceria mucho. FRST.txt (35,1 KB) Addition.txt (32,0 KB)

2

parece que lo he podido solucionar,al menos eso.

pase el eset online,malwarebytes y superantiespiwere…encontraron cosas y de momento,ya tengo el acento normal. gracias de todas formas!

pues no,ya ha vuelto a salir :exploding_head:

3

Hola, sé que ha pasado tiempo desde tu última publicación. Quería ver si aún necesitabas ayuda. Si es así, la siguiente herramienta debería ayudarte:

Descarga FMRS a tu escritorio

  • Desactiva tu antivirus :arrow_forward: Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
  • Ejecuta FMRS.exe (Presiona clic derecho y selecciona “Ejecutar como Administrador.”)
  • Aceptas los disclaimers que aparezcan.
  • Esperas que termine.
  • Al finalizar generara un reporte que deberás pegar en tu próxima respuesta.
  • Activa nuevamente tu antivirus
4

hola!! pues si,sigo necesitando ayuda…muchas gracias. te pego lo que me dice el FMRS:

# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #
# Furtivex Malware Removal Script v7.1.8
# https://furtivex.net
# OS: Microsoft Windows 10 Home x64 22H2 Español (Spanish) - 0c0a - 1252 - 850
# Nombre de usuario: maalp (S-1-5-21-2812633472-1768700836-3444156906-1001)
# Fecha: 2025_04_21__13_02_43
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #



# Procesos:

# Controladores:

# Servicios:

# Archivos:

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex (565)
C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data (2569)
C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js (3226)
C:\Users\maalp\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data (2302)
C:\Users\maalp\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js (2121)
C:\Users\maalp\AppData\Local\Microsoft\TokenBroker\Cache (8)
C:\Users\maalp\AppData\Local\Mozilla\Firefox\Profiles\<Profile>\cache2\entries (12351)
C:\Users\maalp\AppData\Local\oobelibMkey.log
C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\<Profile>\shader-cache (18)
C:\Windows\System32\config\systemprofile\AppData\Local\CM213B2.tmp
C:\Windows\System32\config\systemprofile\AppData\Local\CM21DFA.tmp
C:\Windows\System32\config\systemprofile\AppData\Local\CM229DA.tmp
C:\Windows\System32\config\systemprofile\AppData\Local\CM23AF5.tmp
C:\Windows\System32\config\systemprofile\AppData\Local\CM2A414.tmp
C:\Windows\System32\perfc009.dat
C:\Windows\System32\perfc00A.dat
C:\Windows\System32\perfh009.dat
C:\Windows\System32\perfh00A.dat
Navegador: Google Chrome - Notificaciones push encontradas y eliminadas (Default)

# Carpetas:

C:\Users\maalp\AppData\Local\BitTorrentHelper
C:\Users\maalp\AppData\Local\Microsoft\BGAHelperLib
C:\Users\maalp\AppData\Local\D3DSCache (5)
C:\Users\maalp\AppData\Local\Microsoft\Windows\INetCache\IE (2)
C:\Users\maalp\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 (66)
C:\Windows\nsj454A.tmp
C:\Windows\System32\config\systemprofile\AppData\Local (1414)
C:\Windows\System32\config\systemprofile\AppData\Local\D3DSCache (4)

# Tareas:

# Registro:

HKLM\Software\Policies\Microsoft\MRT
HKLM\Software\Policies\Microsoft\Windows Defender Security Center
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate
HKLM\Software\Policies\Mozilla\Firefox
HKLM\Software\Microsoft\Tracing\BGAUpsell_RASAPI32
HKLM\Software\Microsoft\Tracing\BGAUpsell_RASMANCS
HKLM\Software\Microsoft\Tracing\BingChatInstaller_RASAPI32
HKLM\Software\Microsoft\Tracing\BingChatInstaller_RASMANCS
HKLM\Software\Microsoft\Tracing\GenericSetup_RASAPI32
HKLM\Software\Microsoft\Tracing\GenericSetup_RASMANCS
HKLM\Software\Microsoft\Tracing\Update_RASAPI32
HKLM\Software\Microsoft\Tracing\Update_RASMANCS
HKLM\Software\Microsoft\Tracing\ViafirmaDesktop_RASAPI32
HKLM\Software\Microsoft\Tracing\ViafirmaDesktop_RASMANCS
HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SubscribedContent-338388Enabled
HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SubscribedContent-338389Enabled
HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SystemPaneSuggestionsEnabled [1] => [0]
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftEdgeAutoLaunch_89ABEA0B9AB6D2B9FE80FA33B3F551B8
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Logitech Download Assistant
HKLM\System\CurrentControlSet\Control\CrashControl\\AutoReboot [1] => [0]
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0FB6A278-0197-4AD0-B409-AC6C39C64BEC}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DA9A3F6-94B8-4D78-97E5-7C35B67BE86C}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82803399-B309-4253-B92A-2118B8116ADA}
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E8C12D1A-78B7-41A6-8C21-9A4D879FFEE6}

# Misceláneo:

AntiVirus Software: Windows Defender
Punto de restauración: Furtivex Malware Removal Script - Creado

HKLM\Software\Microsoft\Windows Defender\Exclusions\Extensions

HKLM\Software\Microsoft\Windows Defender\Exclusions\IpAddresses

HKLM\Software\Microsoft\Windows Defender\Exclusions\Paths
    C:\ProgramData    REG_DWORD    0x0

HKLM\Software\Microsoft\Windows Defender\Exclusions\Processes
    regsvr32.exe    REG_DWORD    0x0
    rundll32.exe    REG_DWORD    0x0
    regasm.exe    REG_DWORD    0x0
    dllhost.exe    REG_DWORD    0x0

HKLM\Software\Microsoft\Windows Defender\Exclusions\TemporaryPaths

C:\Users\maalp\AppData\Local\CrashDumps\ShellExperienceHost.exe.10584.dmp		<5678841>		<2024-09-19 09:28:25>
C:\Users\maalp\AppData\Local\CrashDumps\ShellExperienceHost.exe.12752.dmp		<6012834>		<2024-11-13 08:24:36>
C:\Users\maalp\AppData\Local\CrashDumps\ShellExperienceHost.exe.31048.dmp		<6264919>		<2024-05-27 11:01:56>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.14856.dmp		<4568523>		<2023-09-25 07:08:21>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.15592.dmp		<4600159>		<2023-09-15 12:38:20>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.2604.dmp		<4909474>		<2023-08-18 05:18:38>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.28188.dmp		<4764316>		<2023-07-14 05:56:14>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.41900.dmp		<4616657>		<2023-08-17 12:20:56>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.48872.dmp		<4572911>		<2023-08-14 06:43:33>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.9364.dmp		<4626881>		<2023-08-18 05:18:15>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.11692.dmp		<488642>		<2025-01-02 06:24:52>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.11912.dmp		<505986>		<2024-12-25 15:00:49>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.12148.dmp		<488706>		<2025-01-24 06:20:47>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.13820.dmp		<513402>		<2024-10-14 05:23:31>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.13964.dmp		<490650>		<2024-12-18 06:20:27>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.17100.dmp		<502506>		<2024-11-25 06:22:15>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.18816.dmp		<476570>		<2024-12-02 06:26:16>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.56908.dmp		<489770>		<2025-03-10 14:10:34>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.7288.dmp		<486882>		<2025-02-27 06:25:59>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.95464.dmp		<512602>		<2025-03-04 06:20:04>


# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #
5

Hola, gracias por el archivo de registro.

No se detectó el archivo que buscaba. ¿Podrías confirmar que ya no existe? C:\ProgramData\WifiWorker\CntsQtyles\CNBBRrOhelhFl2r.dll

Si desaparece, ¿qué problemas quedan con el sistema?

Puedes eliminar toda la carpeta WifiWorker si existe

1 me gusta
6

¿Podrías enviar también los registros FRST.txt y Addition.txt actualizados si persisten los problemas? Pasó un tiempo desde que se publicaron los originales.

1 me gusta
7

buenos d´´ias !

pues no,sigue ahi si…ayer parecia que se habia ido pero…no me deja eliminar esa carpeta

570×617 66.5 KB

8 
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 01-04-2025
Ejecutado por maalp (administrador) sobre DESKTOP-9MUILJC (ASUSTeK COMPUTER INC. GL553VD) (22-04-2025 07:35:51)
Ejecutado desde C:\Users\maalp\Desktop\FRST64.exe
Perfiles cargados: maalp
Plataforma: Microsoft Windows 10 Home Versión 22H2 19045.5737 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <22>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2502.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <5>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5676_none_7dfafd007c9b4e44\TiWorker.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Ningún archivo)
HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\...\Run: [utweb] => "C:\Users\maalp\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Ningún archivo)
HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\...\Run: [MicrosoftEdgeAutoLaunch_89ABEA0B9AB6D2B9FE80FA33B3F551B8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\...\MountPoints2: {f12ed449-4639-11ec-a52a-c821586a49b9} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\Run: [MicrosoftEdgeAutoLaunch_91644184555F2E34F353C899A333CCBB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\34607\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [61716360 2023-06-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\34607\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Ningún archivo)
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\34607\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2023-06-27] () <==== ATENCIÓN [cero bytes Archivo/Carpeta]
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\34607\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2023-06-27] () <==== ATENCIÓN [cero bytes Archivo/Carpeta]
HKLM\...\Print\Monitors\MPE3 Port: C:\Windows\system32\mpelocalmon.dll [26112 2018-05-14] (Copyright (c) Code Industry Ltd) [Archivo no firmado]
HKLM\...\Print\Monitors\Nitro PDF Port 14 Monitor: C:\Windows\system32\NxPrinterMonitor14.dll [358776 2024-01-26] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.96\Installer\chrmstp.exe [2025-04-21] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2025-04-03]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {A348116B-5DBA-4224-9D91-701BB3EAE372} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {89140C2E-4671-4EF4-8A76-86204CF46753} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [274920 2022-09-10] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {A194BD4D-2164-4004-BF8E-899E4CE08601} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{EA8C2FB7-601D-4BDD-B48B-D5CC13538833} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {247B226E-503C-475A-B7F0-5E9DA6F12405} - System32\Tasks\Microsoft\Windows\Application Experience\wscrkCollectionAgent => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58864 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) -> C:\ProgramData\WifiWorker\CntsQtyles\C:\ProgramData\WifiWorker\CntsQtyles\CNBBRrOhelhFl2r.dll /unregister <==== ATENCIÓN
Task: {FF45FD5E-8BC3-4399-9EBA-A6A5160184BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {144D9674-36B7-41A3-A770-71D1C687001F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {56C1B336-602A-445C-8CEB-C70771CEA9F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70E8A031-E03C-4E81-BCA5-413AE14B8E4A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-21] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {DB0D9E8E-0B16-4658-8FF7-442C3EF71206} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2812633472-1768700836-3444156906-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-21] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {0C11FBBC-82DD-4809-866C-6F61C0EB5D74} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-04-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {79F14FB2-2359-4C31-9E4C-104F6958E874} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2812633472-1768700836-3444156906-1001 => C:\Users\maalp\AppData\Local\Microsoft\OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B9B43B7-990A-47EB-87CC-D5729019A0B7} - System32\Tasks\Opera scheduled assistant Autoupdate 1689312755 => C:\Users\maalp\AppData\Local\Programs\Opera\launcher.exe [2717592 2023-07-11] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\maalp\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {29323981-5155-4C4E-841C-E141A0C3BBF2} - System32\Tasks\Opera scheduled Autoupdate 1689312745 => C:\Users\maalp\AppData\Local\Programs\Opera\launcher.exe [2717592 2023-07-11] (Opera Norway AS -> Opera Software)
Task: {A9AE3A6F-9E0B-4816-B460-6403FFFBE196} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {33ED37E1-8909-404B-B86E-EE4F7727EE18} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269120 2018-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.102.19
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}: [DhcpNameServer] 192.168.102.19
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\449474946494242514D2B4B42566: [DhcpNameServer] 100.90.1.1 100.100.1.1 192.168.1.1
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\553757162796F637F445: [DhcpNameServer] 10.210.209.71 10.210.209.72
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\84551475549402052303020527F6: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\95F4554554C4D276865395: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\95F6574756C6D243635766: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\95F6574756C6D243635766F55374: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{66763603-264e-4955-9b61-0ee6b12b4561}: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{8fe1cb94-d3c1-4b21-871d-0c5a3f49151e}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{8fe1cb94-d3c1-4b21-871d-0c5a3f49151e}\4505D2C494E4B4F534835403: [DhcpNameServer] 8.8.8.8 4.2.2.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\maalp\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-22]
Edge HomePage: Default -> hxxp://www.google.es/
Edge Session Restore: Default -> está habilitado.
Edge Extension: (Documentos de Google sin conexión) - C:\Users\maalp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-04]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\maalp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF DefaultProfile: 3hduoc1y.default
FF ProfilePath: C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\3hduoc1y.default [2021-09-02]
FF ProfilePath: C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\pcq2lzd4.default-release [2025-04-22]
FF Homepage: Mozilla\Firefox\Profiles\pcq2lzd4.default-release -> www.google.es
FF Session Restore: Mozilla\Firefox\Profiles\pcq2lzd4.default-release -> está habilitado.
FF Notifications: Mozilla\Firefox\Profiles\pcq2lzd4.default-release -> hxxps://web.telegram.org; hxxps://www.ibanezfarmacia.com; hxxps://ing.ingdirect.es
FF Extension: (uBlock Origin) - C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\pcq2lzd4.default-release\Extensions\[email protected] [2025-03-25]
FF Extension: (Search by Image) - C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\pcq2lzd4.default-release\Extensions\{2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c}.xpi [2025-04-15]
FF Extension: (Descargador impresionante de Vimeo) - C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\pcq2lzd4.default-release\Extensions\{f5eca307-f4c6-4120-89e1-1b32c0262944}.xpi [2024-09-13]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default [2025-04-02]
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Documentos de Google sin conexión) - C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-31]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-06]hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
S2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [7682368 2025-04-03] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2024-12-12] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2024-12-18] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2023-12-21] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933432 2023-12-21] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-09-10] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2023-12-21] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-18] (ASUSTek Computer Inc. -> ASUS)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2023-12-21] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2023-12-21] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20016 2025-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [605576 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-04-22 07:35 - 2025-04-22 07:36 - 000020804 _____ C:\Users\maalp\Desktop\FRST.txt
2025-04-22 07:30 - 2025-04-22 07:30 - 002404864 _____ (Farbar) C:\Users\maalp\Desktop\FRST64.exe
2025-04-21 13:03 - 2025-04-21 13:03 - 000007116 _____ C:\Users\maalp\Desktop\FMRS_2025_04_21__13_02_43.txt
2025-04-21 13:03 - 2025-04-21 13:03 - 000007116 _____ C:\FMRS_2025_04_21__13_02_43.txt
2025-04-21 12:59 - 2025-04-21 12:59 - 001425052 _____ (<hxxps://furtivex.net>) C:\Users\maalp\Downloads\FMRS.exe
2025-04-21 09:37 - 2025-04-21 09:37 - 000104175 _____ C:\Users\maalp\Downloads\factura cafetera.pdf
2025-04-21 08:32 - 2025-04-21 08:32 - 021035823 _____ C:\Users\maalp\Downloads\TODOS EXAMENES PATRON YATE NAVEGACION 2ª2023-2.pdf
2025-04-21 08:31 - 2025-04-21 08:31 - 001914327 _____ C:\Users\maalp\Downloads\INFORMETECNICOABREVIADO.pdf
2025-04-21 08:30 - 2025-04-21 08:30 - 000475379 _____ C:\Users\maalp\Downloads\Memoriadeactuacionydesviaciones.pdf
2025-04-21 08:30 - 2025-04-21 08:30 - 000326169 _____ C:\Users\maalp\Downloads\solicitud596177Registrada (1).pdf
2025-04-21 08:29 - 2025-04-21 08:29 - 000193616 _____ C:\Users\maalp\Downloads\ContraFirmadoBDFRresolucionEstimatoria.pdf
2025-04-21 07:25 - 2025-04-21 13:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-04-15 15:05 - 2025-04-15 15:05 - 021035823 _____ C:\Users\maalp\Downloads\TODOS EXAMENES PATRON YATE NAVEGACION 2ª2023-1.pdf
2025-04-15 15:04 - 2025-04-15 15:04 - 021035823 _____ C:\Users\maalp\Downloads\TODOS EXAMENES PATRON YATE NAVEGACION 2ª2023.pdf
2025-04-15 15:04 - 2025-04-15 15:04 - 004665546 _____ C:\Users\maalp\Downloads\TODOS EXAMENES PATRON YATE GENERICO 2ª 2023.pdf
2025-04-15 13:43 - 2025-04-15 13:43 - 000824894 _____ C:\Users\maalp\Downloads\RESUMEN PPER BONZINI.pdf
2025-04-15 09:50 - 2025-04-15 09:50 - 000345552 _____ C:\Users\maalp\Downloads\WhatsApp Image 2025-04-15 at 09.50.25.jpeg
2025-04-14 11:06 - 2025-04-14 11:06 - 000538553 _____ C:\Users\maalp\Downloads\ibi 3.pdf
2025-04-14 11:05 - 2025-04-14 11:05 - 000538674 _____ C:\Users\maalp\Downloads\ibi 2.pdf
2025-04-14 11:05 - 2025-04-14 11:05 - 000538662 _____ C:\Users\maalp\Downloads\ibi 1.pdf
2025-04-14 10:08 - 2025-04-14 10:08 - 000021376 _____ C:\Users\maalp\Downloads\Mirador-de-Nuevo-Portil.webp
2025-04-14 08:00 - 2025-04-14 08:00 - 000134868 _____ C:\Users\maalp\Downloads\[.HDG] The Alto Knights (2025) [1080p WEBDL AVC Dual DD 5.1+Subs].torrent
2025-04-10 12:52 - 2025-04-10 12:52 - 000394081 _____ C:\Users\maalp\Downloads\dni manuel-3-2.pdf
2025-04-10 10:57 - 2025-04-10 10:57 - 000334452 _____ C:\Users\maalp\Downloads\image_t0000000249_n1.pdf
2025-04-10 07:54 - 2025-04-10 07:54 - 000084170 _____ C:\Users\maalp\Downloads\Mickey 17 (2025)[1080p WEB-DL AVC Dual AC3+Subs].torrent
2025-04-09 14:36 - 2025-04-09 14:36 - 000000000 ____D C:\inetpub
2025-04-09 10:27 - 2025-04-09 10:27 - 013412340 _____ C:\Users\maalp\Downloads\threadsdownloader.com_b5a024 (3).mp4
2025-04-09 07:38 - 2025-04-09 07:38 - 000000000 ___HD C:\$WinREAgent
2025-04-08 13:33 - 2025-04-08 13:33 - 000173389 _____ C:\Users\maalp\Downloads\PDFDeclaracion eze.pdf
2025-04-08 11:03 - 2025-04-08 11:03 - 007426069 _____ C:\Users\maalp\Downloads\Apuntes PY-1.pdf
2025-04-08 11:03 - 2025-04-08 11:03 - 003879886 _____ C:\Users\maalp\Downloads\Unidad 4-Navegacion Cartas.pdf
2025-04-08 11:03 - 2025-04-08 11:03 - 000808394 _____ C:\Users\maalp\Downloads\Unidad 3-Navegacion Teoria.pdf
2025-04-08 11:02 - 2025-04-08 11:02 - 000870576 _____ C:\Users\maalp\Downloads\Unidad 2- Meteorologia.pdf
2025-04-08 11:02 - 2025-04-08 11:02 - 000794897 _____ C:\Users\maalp\Downloads\Unidad 1- Seguridad en el mar.pdf
2025-04-08 07:41 - 2025-04-08 07:41 - 004557824 _____ (u Torrent Classic) C:\Users\maalp\Downloads\utorrent_installer (5).exe
2025-04-04 14:27 - 2025-04-04 14:27 - 000476095 _____ C:\Users\maalp\Downloads\EMBARCACION LIBERTY-1.pdf
2025-04-04 13:05 - 2025-04-04 13:05 - 001794059 _____ C:\Users\maalp\Downloads\20040503-Ejercicios-de-Navegacion-Costera.pdf
2025-04-04 13:04 - 2025-04-04 13:04 - 001918259 _____ C:\Users\maalp\Downloads\equipo-seguridad-patron-yate.pdf
2025-04-04 11:29 - 2025-04-04 11:29 - 000476095 _____ C:\Users\maalp\Downloads\EMBARCACION LIBERTY.pdf
2025-04-04 11:24 - 2025-04-04 11:24 - 004673782 _____ C:\Users\maalp\Downloads\Planificación examen PDY-1.pdf
2025-04-03 12:25 - 2025-04-03 12:25 - 000001961 _____ C:\Users\Public\Desktop\AnyDesk.lnk
2025-04-03 12:25 - 2025-04-03 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk
2025-04-03 12:21 - 2025-04-03 12:21 - 007682368 _____ (AnyDesk Software GmbH) C:\Users\maalp\Downloads\AnyDesk.exe
2025-04-03 07:42 - 2025-04-15 14:21 - 000000000 ____D C:\Users\maalp\Desktop\declaracion renta 2024
2025-04-03 07:37 - 2025-04-03 07:37 - 000053512 _____ C:\Users\maalp\Downloads\certificado_de_discapacidad (2).pdf
2025-04-02 13:15 - 2025-04-02 13:15 - 000036303 _____ C:\Users\maalp\Downloads\2025000133044.pdf
2025-04-02 13:14 - 2025-04-02 13:14 - 000041646 _____ C:\Users\maalp\Downloads\2025000134834.pdf
2025-04-02 13:05 - 2025-04-02 13:05 - 000030273 _____ C:\Users\maalp\Downloads\fianza avra rincon-1.pdf
2025-04-02 13:00 - 2025-04-02 13:00 - 000030273 _____ C:\Users\maalp\Downloads\fianza avra rincon.pdf
2025-04-02 10:31 - 2025-04-02 10:31 - 001623119 _____ C:\Users\maalp\Downloads\MOBILE - Manual Vigilantes.pdf
2025-04-02 10:24 - 2025-04-02 10:24 - 000076326 _____ C:\Users\maalp\Downloads\Datos accesos Vigilantes.pdf
2025-04-02 09:23 - 2025-04-02 09:23 - 015070037 _____ C:\Users\maalp\Downloads\FELCO DELFYN 680 PLUS EN VENTA.pdf
2025-04-01 09:29 - 2025-04-01 09:29 - 000043590 _____ C:\Users\maalp\Downloads\[.HDG] Fire Country T1 (2025) [AMZ 1080p WEB-DL HEVC 10Bit DUAL + SUBS].torrent
2025-03-31 14:03 - 2025-03-31 14:03 - 000041201 _____ C:\Users\maalp\Downloads\001481.pdf
2025-03-31 12:54 - 2025-03-31 12:54 - 000345976 _____ C:\Users\maalp\Downloads\REGISTRO-MARITIMO-HOJAS DE ASIENTO-1.pdf
2025-03-31 11:05 - 2025-03-31 11:06 - 000106066 _____ C:\Users\maalp\Downloads\WhatsApp Image 2025-03-31 at 10.58.49.jpeg
2025-03-31 10:51 - 2025-03-31 11:04 - 000000000 ____D C:\Users\maalp\Desktop\IMPRIMIR PER
2025-03-31 09:13 - 2025-03-31 09:13 - 001519695 _____ C:\Users\maalp\Downloads\CERTIFICADO DE NAVEGABILIDAD.pdf
2025-03-31 09:13 - 2025-03-31 09:13 - 000345976 _____ C:\Users\maalp\Downloads\REGISTRO-MARITIMO-HOJAS DE ASIENTO.pdf
2025-03-31 09:13 - 2025-03-31 09:13 - 000253021 _____ C:\Users\maalp\Downloads\PERMISO DE NAVEGACION.pdf
2025-03-31 09:12 - 2025-04-03 11:36 - 000000000 ____D C:\Users\maalp\Desktop\merry fisher 750
2025-03-31 09:12 - 2025-03-31 09:12 - 000353284 _____ C:\Users\maalp\Downloads\AOC-22-20033-155-85 INF. FINAL ALMALI UNO.pdf
2025-03-28 15:23 - 2025-03-28 15:23 - 000252273 _____ C:\Users\maalp\Downloads\1222_001.pdf
2025-03-28 13:19 - 2025-03-28 13:19 - 001091978 _____ C:\Users\maalp\Downloads\545608521.pdf
2025-03-28 09:28 - 2025-03-28 09:28 - 000394716 _____ C:\Users\maalp\Downloads\1743082195723.pdf
2025-03-27 12:14 - 2025-03-27 12:14 - 000147593 _____ C:\Users\maalp\Downloads\billing-statement-elect-A-75A9096A-3439035.pdf
2025-03-27 12:12 - 2025-03-27 12:12 - 000148223 _____ C:\Users\maalp\Downloads\billing-statement-elect-A-75A9096A-3149865-1.pdf
2025-03-27 08:57 - 2025-03-27 08:57 - 000162829 _____ C:\Users\maalp\Downloads\WhatsApp Image 2025-03-27 at 06.24.30.jpeg
2025-03-25 11:40 - 2025-03-25 11:40 - 000340420 _____ C:\Users\maalp\Downloads\PY-25_03-nabigazioa_A_negrita-1.pdf
2025-03-25 11:38 - 2025-04-16 08:14 - 000000000 ____D C:\Users\maalp\Desktop\patron de yate
2025-03-25 11:37 - 2025-03-25 11:37 - 000140230 _____ C:\Users\maalp\Downloads\2025_1-SOL_PY_modulo_generico-1.pdf
2025-03-25 11:37 - 2025-03-25 11:37 - 000136724 _____ C:\Users\maalp\Downloads\2025_1-SOL_PY_modulo_navegacion-1.pdf
2025-03-25 11:33 - 2025-03-25 11:33 - 004106989 _____ C:\Users\maalp\Downloads\20201019192350003-1.pdf
2025-03-25 11:33 - 2025-03-25 11:33 - 000136724 _____ C:\Users\maalp\Downloads\2025_1-SOL_PY_modulo_navegacion.pdf
2025-03-25 11:32 - 2025-03-25 11:32 - 000140230 _____ C:\Users\maalp\Downloads\2025_1-SOL_PY_modulo_generico.pdf
2025-03-25 11:31 - 2025-03-25 11:31 - 000340420 _____ C:\Users\maalp\Downloads\PY-25_03-nabigazioa_A_negrita.pdf
2025-03-25 11:31 - 2025-03-25 11:31 - 000137692 _____ C:\Users\maalp\Downloads\PY-03_25-generico_A_negrita.pdf
2025-03-25 11:28 - 2025-03-25 11:28 - 004106989 _____ C:\Users\maalp\Downloads\20201019192350003.pdf
2025-03-25 11:26 - 2025-03-25 11:26 - 007426069 _____ C:\Users\maalp\Downloads\PY - Apuntes.pdf
2025-03-25 11:26 - 2025-03-25 11:26 - 004673782 _____ C:\Users\maalp\Downloads\Planificación examen PDY.pdf

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-04-22 07:36 - 2024-12-12 09:21 - 000000000 ____D C:\FRST
2025-04-22 07:32 - 2023-07-17 07:25 - 000000000 ___HD C:\Users\maalp\Downloads\.opera
2025-04-22 07:32 - 2023-07-17 07:25 - 000000000 ___HD C:\Users\maalp\.opera
2025-04-22 07:31 - 2021-09-02 11:58 - 000000000 ____D C:\Users\maalp\AppData\Local\D3DSCache
2025-04-22 07:20 - 2021-12-23 00:40 - 000000000 ____D C:\Windows\SystemTemp
2025-04-22 07:19 - 2022-02-24 14:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-04-22 07:17 - 2023-03-23 12:14 - 000000000 ____D C:\Users\maalp\AppData\Roaming\AnyDesk
2025-04-22 07:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-22 07:17 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2025-04-22 07:17 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-21 14:15 - 2021-09-02 11:57 - 000000000 ____D C:\ProgramData\NVIDIA
2025-04-21 13:02 - 2021-09-02 12:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-04-21 13:02 - 2021-09-02 12:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-04-21 13:01 - 2023-03-23 12:15 - 000000000 ____D C:\ProgramData\AnyDesk
2025-04-21 07:27 - 2024-10-08 11:06 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2025-04-21 07:24 - 2021-09-06 21:12 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-21 07:24 - 2021-09-02 11:47 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-21 07:23 - 2021-09-02 12:19 - 000000000 __SHD C:\Users\maalp\IntelGraphicsProfiles
2025-04-16 14:15 - 2022-01-15 20:58 - 000000000 ____D C:\Users\maalp\AppData\Roaming\vlc
2025-04-16 11:57 - 2022-09-27 10:07 - 000000000 ____D C:\Users\maalp\Desktop\certificados
2025-04-15 13:30 - 2021-09-02 11:47 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-04-15 07:27 - 2025-02-06 13:14 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2812633472-1768700836-3444156906-1001
2025-04-15 07:27 - 2021-12-15 10:00 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2812633472-1768700836-3444156906-1001
2025-04-15 07:27 - 2021-09-02 11:59 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2812633472-1768700836-3444156906-1001
2025-04-15 07:27 - 2021-09-02 11:56 - 000002417 _____ C:\Users\maalp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-11 14:54 - 2023-01-31 10:48 - 000000382 _____ C:\Users\maalp\Desktop\deportes junta andalucia.txt
2025-04-11 13:34 - 2022-09-20 10:46 - 000000000 ____D C:\ProgramData\boost_interprocess
2025-04-11 13:34 - 2022-09-20 10:45 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2025-04-11 07:14 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2025-04-10 07:32 - 2021-09-02 11:54 - 001683680 _____ C:\Windows\system32\PerfStringBackup.INI
2025-04-10 07:29 - 2021-09-02 11:47 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-04-10 07:26 - 2021-09-02 12:01 - 000000000 ____D C:\Intel
2025-04-10 07:26 - 2021-09-02 11:47 - 000008192 ___SH C:\DumpStack.log.tmp
2025-04-10 07:26 - 2021-09-02 11:47 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-04-09 14:38 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI
2025-04-09 14:37 - 2021-09-02 11:47 - 000466952 _____ C:\Windows\system32\FNTCACHE.DAT
2025-04-09 14:36 - 2024-07-23 15:39 - 000000000 ____D C:\Windows\system32\compatrel
2025-04-09 14:36 - 2019-12-07 16:55 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2025-04-09 07:47 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2025-04-09 07:43 - 2021-09-02 11:51 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-04-08 13:17 - 2021-09-21 16:58 - 000000000 ____D C:\Users\maalp\.fnmt
2025-04-08 07:22 - 2021-09-02 11:47 - 000003708 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-08 07:22 - 2021-09-02 11:47 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-03 12:24 - 2023-03-23 12:15 - 000000000 ____D C:\Program Files (x86)\AnyDesk

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================



Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 01-04-2025
Ejecutado por maalp (22-04-2025 07:36:56)
Ejecutado desde C:\Users\maalp\Desktop
Microsoft Windows 10 Home Versión 22H2 19045.5737 (X64) (2021-09-02 09:49:37)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

(Si una entrada es incluida en el fixlist, será eliminada.)

34607 (S-1-5-21-2812633472-1768700836-3444156906-1002 - Limited - Enabled) => C:\Users\34607
Administrador (S-1-5-21-2812633472-1768700836-3444156906-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2812633472-1768700836-3444156906-503 - Limited - Disabled)
Invitado (S-1-5-21-2812633472-1768700836-3444156906-501 - Limited - Disabled)
maalp (S-1-5-21-2812633472-1768700836-3444156906-1001 - Administrator - Enabled) => C:\Users\maalp
WDAGUtilityAccount (S-1-5-21-2812633472-1768700836-3444156906-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 25.001.20435 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AnycubicPhotonWorkshop (HKLM\...\AnycubicPhotonWorkshop) (Version:  - ANYCUBIC)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 9.5.0 - AnyDesk Software GmbH)
Asistente para la instalación de Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.8.2 - Gobierno de España)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.9.140.1014 - BlueStack Systems, Inc.)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Configurador FNMT (HKLM-x32\...\ConfiguradorFnmt) (Version: 3.0.1 - FNMT-RCM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.96 - Google LLC)
Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
LibreOffice 7.2.0.4 (HKLM\...\{C52FBB79-D0A7-4F28-9CEC-3B262694409B}) (Version: 7.2.0.4 - The Document Foundation)
Malwarebytes version 5.2.5.158 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.5.158 - Malwarebytes)
Master PDF Editor 5.1.30 (HKLM\...\Master PDF Editor 5.1.30_is1) (Version: 5.1.30 - Code Industry Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\...\OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\OneDriveSetup.exe) (Version: 23.119.0606.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 137.0.2 (x64 es-ES)) (Version: 137.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.0.2 - Mozilla)
Nitro PDF Pro (HKLM\...\{DBC11A95-B27B-4D08-88E7-90D8A8E05FE4}) (Version: 14.20.1.0 - Nitro)
NVIDIA Controlador de gráficos 441.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.93 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.61.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.24062.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.24062.1 - Samsung Electronics Co., Ltd.)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
viafirma desktop (HKLM-x32\...\{5B2FCA66-B73C-4A83-B0EA-C8BBF6FBA42D}) (Version: 1.3.3 - Viafirma)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-13] ()
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-13] (INTEL CORP) [Startup Task]
Clouds PREMIUM -> C:\Program Files\WindowsApps\Microsoft.CloudsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-02] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-10-20] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2812633472-1768700836-3444156906-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2812633472-1768700836-3444156906-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2024-01-26] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-12-12] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-01-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-12-12] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2023-05-05 08:18 - 2018-05-14 22:34 - 000026112 _____ (Copyright (c) Code Industry Ltd) [Archivo no firmado] C:\Windows\System32\mpelocalmon.dll
2023-05-05 08:14 - 2022-07-15 16:00 - 000094720 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) =============

HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2023-02-08 14:31 - 2023-02-08 14:32 - 000000444 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.102.19
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Wi-Fi: Intel(R) Dual Band Wireless-AC 7265 -> Netwtw04.sys
Conexión de red Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{5515B670-ECE8-4477-B702-855020F15FA4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3D43BCAD-68EC-492E-9CE9-89AAB28FC8A9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A4FE6DA-B40C-4E7E-AC0E-154E1232D1E2}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Ningún archivo
FirewallRules: [{B0AD8C07-E73D-439D-B65B-5F7FEC07C97C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Ningún archivo
FirewallRules: [TCP Query User{231F3607-E1DF-4B36-8339-6586689E5018}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{6D3C3E79-1850-4CBE-982D-BB336133F05A}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{F79DFB28-C988-444E-A7C0-45368E074401}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Ningún archivo
FirewallRules: [{AF6F4DEE-FB27-4F2C-8D27-6E6A7C2A70D2}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Ningún archivo
FirewallRules: [{19DB4FB6-8E09-4D9A-B0C2-F876CC01A483}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [TCP Query User{4DCBBB10-F902-4CDE-A32D-B84E6937C349}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{58A48F6B-5E2E-4CFF-9CFF-FE85D8B90698}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{C588D4F8-A53D-4CFE-AA26-FCCBA20A9DC3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F95313A8-74BC-4B16-9EDD-FC0C802367FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB5E6A8D-65E9-484B-AAAE-44A40E3CD6A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F335940C-3E4C-4AB2-90C4-4473712FFBE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E92AFE55-6DB2-4A94-837F-524708712E17}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{01BFCBFB-12C7-4605-B6AC-BA81901C3CA7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{6D64B901-F00D-48E2-B69D-4809E46BC4A8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{2AFC8465-DFB5-4546-93E0-5B07B0EB9991}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{328C992D-76E9-456D-8965-4ACC24465209}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{80EDD6F2-13F4-4700-83B5-28A0D3DD8480}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)

==================== Puntos de Restauración =========================

21-04-2025 10:31:40 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: Controladora de memoria PCI
Description: Controladora de memoria PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo PCI
Description: Dispositivo PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controladora de bus SM
Description: Controladora de bus SM
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controladora de adquisición de datos y procesamiento de señal PCI
Description: Controladora de adquisición de datos y procesamiento de señal PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controladora simple de comunicaciones PCI
Description: Controladora simple de comunicaciones PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo base del sistema
Description: Dispositivo base del sistema
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================

Errores del sistema:
=============
Error: (04/22/2025 07:17:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelWifiIhv04.dll

Error: (04/22/2025 07:17:06 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelWifiIhv04.dll

Error: (04/22/2025 07:17:06 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelWifiIhv04.dll

Error: (04/21/2025 02:15:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelWifiIhv04.dll

Error: (04/21/2025 02:15:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelWifiIhv04.dll

Error: (04/21/2025 02:15:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelWifiIhv04.dll

Error: (04/21/2025 02:15:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelWifiIhv04.dll

Error: (04/21/2025 02:15:03 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\IntelWifiIhv04.dll


Windows Defender:
================
Date: 2024-12-13 07:58:59
Description: 
Antivirus de Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
Severity: Alta
Category: Herramienta
Path: file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\patch.rar
Detection Origin: Equipo local
Detection Type: Concreto
Detection Source: Protección en tiempo real
Process Name: C:\Users\maalp\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Security intelligence Version: AV: 1.421.769.0, AS: 1.421.769.0, NIS: 1.421.769.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2024-12-12 08:51:54
Description: 
Antivirus de Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
Severity: Alta
Category: Herramienta
Path: file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise-patch.exe; file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise.(x64)-patch.exe; file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise.(x86)-patch.exe
Detection Origin: Equipo local
Detection Type: Concreto
Detection Source: Protección en tiempo real
Process Name: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Security intelligence Version: AV: 1.421.733.0, AS: 1.421.733.0, NIS: 1.421.733.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2024-12-12 08:51:54
Description: 
Antivirus de Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
Severity: Alta
Category: Herramienta
Path: file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise-patch.exe; file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise.(x64)-patch.exe
Detection Origin: Equipo local
Detection Type: Concreto
Detection Source: Protección en tiempo real
Process Name: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Security intelligence Version: AV: 1.421.733.0, AS: 1.421.733.0, NIS: 1.421.733.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2024-12-12 08:51:53
Description: 
Antivirus de Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
Severity: Alta
Category: Herramienta
Path: file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise-patch.exe
Detection Origin: Equipo local
Detection Type: Concreto
Detection Source: Protección en tiempo real
Process Name: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Security intelligence Version: AV: 1.421.733.0, AS: 1.421.733.0, NIS: 1.421.733.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2024-12-12 08:41:47
Description: 
Antivirus de Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
Severity: Alta
Category: Herramienta
Path: file:_C:\Program Files\Nitro\PDF Pro\14\nitro.pro.14.5.x.enterprise.(x64)-patch.exe
Detection Origin: Equipo local
Detection Type: Concreto
Detection Source: Protección en tiempo real
Process Name: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Security intelligence Version: AV: 1.421.733.0, AS: 1.421.733.0, NIS: 1.421.733.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11
Event[0]:

Date: 2024-01-08 13:58:36
Description: 
Antivirus de Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.403.916.0
Update Source: Servidor de Microsoft Update
Security intelligence Type: AntiVirus
Update Type: Completa
Current Engine Version: 
Previous Engine Version: 1.1.23110.2
Error code: 0x8024001e
Error description: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2023-10-27 15:26:02
Description: 
Antivirus de Microsoft Defender has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Actual
Error Code: 0x80501102
Error description: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 
Security intelligence Version: 1.399.1393.0;1.399.1393.0
Engine Version: 1.1.23090.2007

CodeIntegrity:
===============
Date: 2024-12-13 10:25:48
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SUPERAntiSpyware\sasdifsv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2024-12-13 10:25:48
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SUPERAntiSpyware\saskutil64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2024-12-12 12:34:26
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. GL553VD.308 04/29/2019
Placa base: ASUSTeK COMPUTER INC. GL553VD
Procesador: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Porcentaje de memoria en uso: 65%
RAM física total: 12173.02 MB
RAM física disponible: 4161.95 MB
Virtual total: 20877.02 MB
Virtual disponible: 11604.21 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:222.84 GB) (Free:39.4 GB) (Model: TOSHIBA-TR150) NTFS
Drive d: (almacenamiento) (Fixed) (Total:930.46 GB) (Free:575.23 GB) (Model: HGST HTS721010A9E630) NTFS

\\?\Volume{3535cb34-b542-4f2b-9828-85dd39b04ec0}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{a66a22e5-a5f1-42ca-b41b-9eb223a032de}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.38 GB) NTFS
\\?\Volume{9b2e3b46-cf59-47d4-8138-f7592f4e1fae}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 7A4CA373)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 768AB6FB)

Partition: GPT.

==================== Final de Addition.txt =======================
9

Hola. ¿Puedes mostrarme qué hay dentro de esta carpeta? C:\ProgramData\WifiWorker\CntsQtyles

10

hola muy buenos dias!!

esto es lo unico que me aparece dentro de la carpeta esa…

1920×1080 345 KB

11

Gracias por eso. El archivo .DLL ya no está, pero aún tenemos una tarea programada para eliminar. Más adelante veremos cómo eliminar la carpeta completa.

Por favor, haga lo siguiente: Presione la tecla Windows y R

Tipo: taskschd.msc

Presione ENTRAR

Debería aparecer la ventana del Programador de tareas.

Utilice el ratón para navegar por el lado izquierdo hasta esta ubicación: Microsoft\Windows\Application Experience\wscrkCollectionAgent

1095×668 150 KB

Cuando lo encuentres, resáltalo y presiona el botón Eliminar.

Avísame si pudiste completar mis pasos.

Permíteme revisar tus registros más recientes para asegurarme de que no me he olvidado de nada. Parece que el problema principal ya no existe, pero podemos eliminar esa carpeta más tarde.

¿También puedes colocar el archivo de registro de la publicación anterior en un cuadro de código?

12

Antes de que me olvide..

Libere espacio en la unidad C:.

Drive c: () (Fixed) (Total:222.84 GB) (Free:39.4 GB) (Model: TOSHIBA-TR150) NTFS

Este disco duro solo tiene un 18% de espacio libre. Intente aumentar esta cifra al 20 % o más para mejorar el rendimiento del sistema. Puede usar un programa como WinDirStat para localizar las áreas que se puedan limpiar.

Mover o eliminar archivos de vídeo y .ISO es generalmente un buen lugar para comenzar.

1 me gusta
13

640×360 50.3 KB

a que te refieres con colocar en un cuadro de codigo?

14

La tarea no aparece aquí. Gracias por avisarme.

Disculpen mi español no muy bueno. Recuadro de código para los archivos FRST.txt y Addition.txt.

He actualizado FMRS. Descargue una nueva copia y sobrescriba la copia existente del archivo. Ejecútela como administrador desde el modo normal.

enviar el resultado

Salu2

17

Hay otra actualización de FMRS, si aún no la has escaneado. Prueba la última versión, por favor.

1 me gusta
18

ok,ahora mismo lo hago. tengo en pendiente una respuestas con Recuadro de código para los archivos FRST.txt y Addition.txt. que parece que la tiene que aprobar un administrador…no se me habia olvidado!

19

listo!!

# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #
# Furtivex Malware Removal Script v7.2.0
# https://furtivex.net
# OS: Microsoft Windows 10 Home x64 22H2 Español (Spanish) - 0c0a - 1252 - 850
# Nombre de usuario: maalp (S-1-5-21-2812633472-1768700836-3444156906-1001)
# Fecha: 2025_04_22__12_15_33
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #



# Procesos:

# Controladores:

# Servicios:

# Archivos:

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex (2)
C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data (0)
C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js (0)
C:\Users\maalp\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data (0)
C:\Users\maalp\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js (0)
C:\Users\maalp\AppData\Local\Microsoft\TokenBroker\Cache (4)
C:\Users\maalp\AppData\Local\Mozilla\Firefox\Profiles\<Profile>\cache2\entries (3327)
C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\<Profile>\shader-cache (33)

# Carpetas:

C:\ProgramData\WifiWorker
C:\Users\maalp\AppData\Local\D3DSCache (0)
C:\Users\maalp\AppData\Local\Microsoft\Windows\INetCache\IE (1)
C:\Users\maalp\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 (0)
C:\Windows\System32\config\systemprofile\AppData\Local (0)
C:\Windows\System32\config\systemprofile\AppData\Local\D3DSCache (0)

# Tareas:

# Registro:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 25.051.0317.0003

# Misceláneo:

AntiVirus Software: Windows Defender
Punto de restauración: Furtivex Malware Removal Script - Creado

HKLM\Software\Microsoft\Windows Defender\Exclusions\Extensions

HKLM\Software\Microsoft\Windows Defender\Exclusions\IpAddresses

HKLM\Software\Microsoft\Windows Defender\Exclusions\Paths
    C:\ProgramData    REG_DWORD    0x0

HKLM\Software\Microsoft\Windows Defender\Exclusions\Processes
    regsvr32.exe    REG_DWORD    0x0
    rundll32.exe    REG_DWORD    0x0
    regasm.exe    REG_DWORD    0x0
    dllhost.exe    REG_DWORD    0x0

HKLM\Software\Microsoft\Windows Defender\Exclusions\TemporaryPaths

C:\Users\maalp\AppData\Local\CrashDumps\pevFind.exe.16308.dmp		<282548>		<2025-04-22 07:46:08>
C:\Users\maalp\AppData\Local\CrashDumps\ShellExperienceHost.exe.10584.dmp		<5678841>		<2024-09-19 09:28:25>
C:\Users\maalp\AppData\Local\CrashDumps\ShellExperienceHost.exe.12752.dmp		<6012834>		<2024-11-13 08:24:36>
C:\Users\maalp\AppData\Local\CrashDumps\ShellExperienceHost.exe.31048.dmp		<6264919>		<2024-05-27 11:01:56>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.14856.dmp		<4568523>		<2023-09-25 07:08:21>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.15592.dmp		<4600159>		<2023-09-15 12:38:20>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.2604.dmp		<4909474>		<2023-08-18 05:18:38>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.41900.dmp		<4616657>		<2023-08-17 12:20:56>
C:\Users\maalp\AppData\Local\CrashDumps\utweb.exe.9364.dmp		<4626881>		<2023-08-18 05:18:15>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.11692.dmp		<488642>		<2025-01-02 06:24:52>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.11912.dmp		<505986>		<2024-12-25 15:00:49>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.12148.dmp		<488706>		<2025-01-24 06:20:47>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.13820.dmp		<513402>		<2024-10-14 05:23:31>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.13964.dmp		<490650>		<2024-12-18 06:20:27>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.17100.dmp		<502506>		<2024-11-25 06:22:15>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.18816.dmp		<476570>		<2024-12-02 06:26:16>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.56908.dmp		<489770>		<2025-03-10 14:10:34>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.7288.dmp		<486882>		<2025-02-27 06:25:59>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelCpHeciSvc.exe.95464.dmp		<512602>		<2025-03-04 06:20:04>


# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #
20 
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 01-04-2025
Ejecutado por maalp (administrador) sobre DESKTOP-9MUILJC (ASUSTeK COMPUTER INC. GL553VD) (22-04-2025 09:43:36)
Ejecutado desde C:\Users\maalp\Desktop\frst64\FRST64.exe
Perfiles cargados: maalp
Plataforma: Microsoft Windows 10 Home Versión 22H2 19045.5737 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5676_none_7dfafd007c9b4e44\TiWorker.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Ningún archivo)
HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\...\Run: [utweb] => "C:\Users\maalp\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Ningún archivo)
HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\...\MountPoints2: {f12ed449-4639-11ec-a52a-c821586a49b9} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\Run: [MicrosoftEdgeAutoLaunch_91644184555F2E34F353C899A333CCBB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\34607\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [61716360 2023-06-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\34607\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Ningún archivo)
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\34607\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2023-06-27] () <==== ATENCIÓN [cero bytes Archivo/Carpeta]
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\34607\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2023-06-27] () <==== ATENCIÓN [cero bytes Archivo/Carpeta]
HKLM\...\Print\Monitors\MPE3 Port: C:\Windows\system32\mpelocalmon.dll [26112 2018-05-14] (Copyright (c) Code Industry Ltd) [Archivo no firmado]
HKLM\...\Print\Monitors\Nitro PDF Port 14 Monitor: C:\Windows\system32\NxPrinterMonitor14.dll [358776 2024-01-26] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.96\Installer\chrmstp.exe [2025-04-21] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2025-04-03]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {A348116B-5DBA-4224-9D91-701BB3EAE372} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {89140C2E-4671-4EF4-8A76-86204CF46753} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [274920 2022-09-10] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {A194BD4D-2164-4004-BF8E-899E4CE08601} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{EA8C2FB7-601D-4BDD-B48B-D5CC13538833} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {FF45FD5E-8BC3-4399-9EBA-A6A5160184BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {144D9674-36B7-41A3-A770-71D1C687001F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {56C1B336-602A-445C-8CEB-C70771CEA9F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70E8A031-E03C-4E81-BCA5-413AE14B8E4A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-21] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {DB0D9E8E-0B16-4658-8FF7-442C3EF71206} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2812633472-1768700836-3444156906-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-21] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {0C11FBBC-82DD-4809-866C-6F61C0EB5D74} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-04-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {79F14FB2-2359-4C31-9E4C-104F6958E874} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2812633472-1768700836-3444156906-1001 => C:\Users\maalp\AppData\Local\Microsoft\OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B9B43B7-990A-47EB-87CC-D5729019A0B7} - System32\Tasks\Opera scheduled assistant Autoupdate 1689312755 => C:\Users\maalp\AppData\Local\Programs\Opera\launcher.exe [2717592 2023-07-11] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\maalp\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {29323981-5155-4C4E-841C-E141A0C3BBF2} - System32\Tasks\Opera scheduled Autoupdate 1689312745 => C:\Users\maalp\AppData\Local\Programs\Opera\launcher.exe [2717592 2023-07-11] (Opera Norway AS -> Opera Software)
Task: {A9AE3A6F-9E0B-4816-B460-6403FFFBE196} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {33ED37E1-8909-404B-B86E-EE4F7727EE18} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269120 2018-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.102.19
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}: [DhcpNameServer] 192.168.102.19
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\449474946494242514D2B4B42566: [DhcpNameServer] 100.90.1.1 100.100.1.1 192.168.1.1
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\553757162796F637F445: [DhcpNameServer] 10.210.209.71 10.210.209.72
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\84551475549402052303020527F6: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\95F4554554C4D276865395: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\95F6574756C6D243635766: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{53faa757-3ed7-4ec6-a7c0-7a5c020758d2}\95F6574756C6D243635766F55374: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{66763603-264e-4955-9b61-0ee6b12b4561}: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{8fe1cb94-d3c1-4b21-871d-0c5a3f49151e}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{8fe1cb94-d3c1-4b21-871d-0c5a3f49151e}\4505D2C494E4B4F534835403: [DhcpNameServer] 8.8.8.8 4.2.2.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\maalp\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-22]
Edge HomePage: Default -> hxxp://www.google.es/
Edge Session Restore: Default -> está habilitado.
Edge Extension: (Documentos de Google sin conexión) - C:\Users\maalp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-04]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\maalp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF DefaultProfile: 3hduoc1y.default
FF ProfilePath: C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\3hduoc1y.default [2021-09-02]
FF ProfilePath: C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\pcq2lzd4.default-release [2025-04-22]
FF Homepage: Mozilla\Firefox\Profiles\pcq2lzd4.default-release -> www.google.es
FF Session Restore: Mozilla\Firefox\Profiles\pcq2lzd4.default-release -> está habilitado.
FF Notifications: Mozilla\Firefox\Profiles\pcq2lzd4.default-release -> hxxps://web.telegram.org; hxxps://www.ibanezfarmacia.com; hxxps://ing.ingdirect.es
FF Extension: (uBlock Origin) - C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\pcq2lzd4.default-release\Extensions\[email protected] [2025-03-25]
FF Extension: (Search by Image) - C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\pcq2lzd4.default-release\Extensions\{2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c}.xpi [2025-04-15]
FF Extension: (Descargador impresionante de Vimeo) - C:\Users\maalp\AppData\Roaming\Mozilla\Firefox\Profiles\pcq2lzd4.default-release\Extensions\{f5eca307-f4c6-4120-89e1-1b32c0262944}.xpi [2024-09-13]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default [2025-04-02]
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Documentos de Google sin conexión) - C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-31]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\maalp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-06]hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
S2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [7682368 2025-04-03] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2024-12-12] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2024-12-18] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2023-12-21] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933432 2023-12-21] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-09-10] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2023-12-21] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-18] (ASUSTek Computer Inc. -> ASUS)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2023-12-21] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2023-12-21] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20016 2025-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [605576 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-04-22 09:41 - 2025-04-22 09:43 - 000000000 ____D C:\Users\maalp\Desktop\frst64
2025-04-22 09:38 - 2025-04-22 09:38 - 000007159 _____ C:\Users\maalp\Desktop\FMRS_2025_04_22__09_37_40.txt
2025-04-22 09:38 - 2025-04-22 09:38 - 000007159 _____ C:\FMRS_2025_04_22__09_37_40.txt
2025-04-22 09:35 - 2025-04-22 09:35 - 001425109 _____ (<hxxps://furtivex.net>) C:\Users\maalp\Downloads\FMRS.exe
2025-04-21 13:03 - 2025-04-21 13:03 - 000007116 _____ C:\FMRS_2025_04_21__13_02_43.txt
2025-04-21 09:37 - 2025-04-21 09:37 - 000104175 _____ C:\Users\maalp\Downloads\factura cafetera.pdf
2025-04-21 08:32 - 2025-04-21 08:32 - 021035823 _____ C:\Users\maalp\Downloads\TODOS EXAMENES PATRON YATE NAVEGACION 2ª2023-2.pdf
2025-04-21 08:31 - 2025-04-21 08:31 - 001914327 _____ C:\Users\maalp\Downloads\INFORMETECNICOABREVIADO.pdf
2025-04-21 08:30 - 2025-04-21 08:30 - 000475379 _____ C:\Users\maalp\Downloads\Memoriadeactuacionydesviaciones.pdf
2025-04-21 08:30 - 2025-04-21 08:30 - 000326169 _____ C:\Users\maalp\Downloads\solicitud596177Registrada (1).pdf
2025-04-21 08:29 - 2025-04-21 08:29 - 000193616 _____ C:\Users\maalp\Downloads\ContraFirmadoBDFRresolucionEstimatoria.pdf
2025-04-21 07:25 - 2025-04-21 13:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-04-15 15:05 - 2025-04-15 15:05 - 021035823 _____ C:\Users\maalp\Downloads\TODOS EXAMENES PATRON YATE NAVEGACION 2ª2023-1.pdf
2025-04-15 15:04 - 2025-04-15 15:04 - 021035823 _____ C:\Users\maalp\Downloads\TODOS EXAMENES PATRON YATE NAVEGACION 2ª2023.pdf
2025-04-15 15:04 - 2025-04-15 15:04 - 004665546 _____ C:\Users\maalp\Downloads\TODOS EXAMENES PATRON YATE GENERICO 2ª 2023.pdf
2025-04-15 13:43 - 2025-04-15 13:43 - 000824894 _____ C:\Users\maalp\Downloads\RESUMEN PPER BONZINI.pdf
2025-04-15 09:50 - 2025-04-15 09:50 - 000345552 _____ C:\Users\maalp\Downloads\WhatsApp Image 2025-04-15 at 09.50.25.jpeg
2025-04-14 11:06 - 2025-04-14 11:06 - 000538553 _____ C:\Users\maalp\Downloads\ibi 3.pdf
2025-04-14 11:05 - 2025-04-14 11:05 - 000538674 _____ C:\Users\maalp\Downloads\ibi 2.pdf
2025-04-14 11:05 - 2025-04-14 11:05 - 000538662 _____ C:\Users\maalp\Downloads\ibi 1.pdf
2025-04-14 10:08 - 2025-04-14 10:08 - 000021376 _____ C:\Users\maalp\Downloads\Mirador-de-Nuevo-Portil.webp
2025-04-14 08:00 - 2025-04-14 08:00 - 000134868 _____ C:\Users\maalp\Downloads\[.HDG] The Alto Knights (2025) [1080p WEBDL AVC Dual DD 5.1+Subs].torrent
2025-04-10 12:52 - 2025-04-10 12:52 - 000394081 _____ C:\Users\maalp\Downloads\dni manuel-3-2.pdf
2025-04-10 10:57 - 2025-04-10 10:57 - 000334452 _____ C:\Users\maalp\Downloads\image_t0000000249_n1.pdf
2025-04-10 07:54 - 2025-04-10 07:54 - 000084170 _____ C:\Users\maalp\Downloads\Mickey 17 (2025)[1080p WEB-DL AVC Dual AC3+Subs].torrent
2025-04-09 14:36 - 2025-04-09 14:36 - 000000000 ____D C:\inetpub
2025-04-09 10:27 - 2025-04-09 10:27 - 013412340 _____ C:\Users\maalp\Downloads\threadsdownloader.com_b5a024 (3).mp4
2025-04-09 07:38 - 2025-04-09 07:38 - 000000000 ___HD C:\$WinREAgent
2025-04-08 13:33 - 2025-04-08 13:33 - 000173389 _____ C:\Users\maalp\Downloads\PDFDeclaracion eze.pdf
2025-04-08 11:03 - 2025-04-08 11:03 - 007426069 _____ C:\Users\maalp\Downloads\Apuntes PY-1.pdf
2025-04-08 11:03 - 2025-04-08 11:03 - 003879886 _____ C:\Users\maalp\Downloads\Unidad 4-Navegacion Cartas.pdf
2025-04-08 11:03 - 2025-04-08 11:03 - 000808394 _____ C:\Users\maalp\Downloads\Unidad 3-Navegacion Teoria.pdf
2025-04-08 11:02 - 2025-04-08 11:02 - 000870576 _____ C:\Users\maalp\Downloads\Unidad 2- Meteorologia.pdf
2025-04-08 11:02 - 2025-04-08 11:02 - 000794897 _____ C:\Users\maalp\Downloads\Unidad 1- Seguridad en el mar.pdf
2025-04-08 07:41 - 2025-04-08 07:41 - 004557824 _____ (u Torrent Classic) C:\Users\maalp\Downloads\utorrent_installer (5).exe
2025-04-04 14:27 - 2025-04-04 14:27 - 000476095 _____ C:\Users\maalp\Downloads\EMBARCACION LIBERTY-1.pdf
2025-04-04 13:05 - 2025-04-04 13:05 - 001794059 _____ C:\Users\maalp\Downloads\20040503-Ejercicios-de-Navegacion-Costera.pdf
2025-04-04 13:04 - 2025-04-04 13:04 - 001918259 _____ C:\Users\maalp\Downloads\equipo-seguridad-patron-yate.pdf
2025-04-04 11:29 - 2025-04-04 11:29 - 000476095 _____ C:\Users\maalp\Downloads\EMBARCACION LIBERTY.pdf
2025-04-04 11:24 - 2025-04-04 11:24 - 004673782 _____ C:\Users\maalp\Downloads\Planificación examen PDY-1.pdf
2025-04-03 12:25 - 2025-04-03 12:25 - 000001961 _____ C:\Users\Public\Desktop\AnyDesk.lnk
2025-04-03 12:25 - 2025-04-03 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk
2025-04-03 12:21 - 2025-04-03 12:21 - 007682368 _____ (AnyDesk Software GmbH) C:\Users\maalp\Downloads\AnyDesk.exe
2025-04-03 07:42 - 2025-04-15 14:21 - 000000000 ____D C:\Users\maalp\Desktop\declaracion renta 2024
2025-04-03 07:37 - 2025-04-03 07:37 - 000053512 _____ C:\Users\maalp\Downloads\certificado_de_discapacidad (2).pdf
2025-04-02 13:15 - 2025-04-02 13:15 - 000036303 _____ C:\Users\maalp\Downloads\2025000133044.pdf
2025-04-02 13:14 - 2025-04-02 13:14 - 000041646 _____ C:\Users\maalp\Downloads\2025000134834.pdf
2025-04-02 13:05 - 2025-04-02 13:05 - 000030273 _____ C:\Users\maalp\Downloads\fianza avra rincon-1.pdf
2025-04-02 13:00 - 2025-04-02 13:00 - 000030273 _____ C:\Users\maalp\Downloads\fianza avra rincon.pdf
2025-04-02 10:31 - 2025-04-02 10:31 - 001623119 _____ C:\Users\maalp\Downloads\MOBILE - Manual Vigilantes.pdf
2025-04-02 10:24 - 2025-04-02 10:24 - 000076326 _____ C:\Users\maalp\Downloads\Datos accesos Vigilantes.pdf
2025-04-02 09:23 - 2025-04-02 09:23 - 015070037 _____ C:\Users\maalp\Downloads\FELCO DELFYN 680 PLUS EN VENTA.pdf
2025-04-01 09:29 - 2025-04-01 09:29 - 000043590 _____ C:\Users\maalp\Downloads\[.HDG] Fire Country T1 (2025) [AMZ 1080p WEB-DL HEVC 10Bit DUAL + SUBS].torrent
2025-03-31 14:03 - 2025-03-31 14:03 - 000041201 _____ C:\Users\maalp\Downloads\001481.pdf
2025-03-31 12:54 - 2025-03-31 12:54 - 000345976 _____ C:\Users\maalp\Downloads\REGISTRO-MARITIMO-HOJAS DE ASIENTO-1.pdf
2025-03-31 11:05 - 2025-03-31 11:06 - 000106066 _____ C:\Users\maalp\Downloads\WhatsApp Image 2025-03-31 at 10.58.49.jpeg
2025-03-31 10:51 - 2025-03-31 11:04 - 000000000 ____D C:\Users\maalp\Desktop\IMPRIMIR PER
2025-03-31 09:13 - 2025-03-31 09:13 - 001519695 _____ C:\Users\maalp\Downloads\CERTIFICADO DE NAVEGABILIDAD.pdf
2025-03-31 09:13 - 2025-03-31 09:13 - 000345976 _____ C:\Users\maalp\Downloads\REGISTRO-MARITIMO-HOJAS DE ASIENTO.pdf
2025-03-31 09:13 - 2025-03-31 09:13 - 000253021 _____ C:\Users\maalp\Downloads\PERMISO DE NAVEGACION.pdf
2025-03-31 09:12 - 2025-04-03 11:36 - 000000000 ____D C:\Users\maalp\Desktop\merry fisher 750
2025-03-31 09:12 - 2025-03-31 09:12 - 000353284 _____ C:\Users\maalp\Downloads\AOC-22-20033-155-85 INF. FINAL ALMALI UNO.pdf
2025-03-28 15:23 - 2025-03-28 15:23 - 000252273 _____ C:\Users\maalp\Downloads\1222_001.pdf
2025-03-28 13:19 - 2025-03-28 13:19 - 001091978 _____ C:\Users\maalp\Downloads\545608521.pdf
2025-03-28 09:28 - 2025-03-28 09:28 - 000394716 _____ C:\Users\maalp\Downloads\1743082195723.pdf
2025-03-27 12:14 - 2025-03-27 12:14 - 000147593 _____ C:\Users\maalp\Downloads\billing-statement-elect-A-75A9096A-3439035.pdf
2025-03-27 12:12 - 2025-03-27 12:12 - 000148223 _____ C:\Users\maalp\Downloads\billing-statement-elect-A-75A9096A-3149865-1.pdf
2025-03-27 08:57 - 2025-03-27 08:57 - 000162829 _____ C:\Users\maalp\Downloads\WhatsApp Image 2025-03-27 at 06.24.30.jpeg
2025-03-25 11:40 - 2025-03-25 11:40 - 000340420 _____ C:\Users\maalp\Downloads\PY-25_03-nabigazioa_A_negrita-1.pdf
2025-03-25 11:38 - 2025-04-16 08:14 - 000000000 ____D C:\Users\maalp\Desktop\patron de yate
2025-03-25 11:37 - 2025-03-25 11:37 - 000140230 _____ C:\Users\maalp\Downloads\2025_1-SOL_PY_modulo_generico-1.pdf
2025-03-25 11:37 - 2025-03-25 11:37 - 000136724 _____ C:\Users\maalp\Downloads\2025_1-SOL_PY_modulo_navegacion-1.pdf
2025-03-25 11:33 - 2025-03-25 11:33 - 004106989 _____ C:\Users\maalp\Downloads\20201019192350003-1.pdf
2025-03-25 11:33 - 2025-03-25 11:33 - 000136724 _____ C:\Users\maalp\Downloads\2025_1-SOL_PY_modulo_navegacion.pdf
2025-03-25 11:32 - 2025-03-25 11:32 - 000140230 _____ C:\Users\maalp\Downloads\2025_1-SOL_PY_modulo_generico.pdf
2025-03-25 11:31 - 2025-03-25 11:31 - 000340420 _____ C:\Users\maalp\Downloads\PY-25_03-nabigazioa_A_negrita.pdf
2025-03-25 11:31 - 2025-03-25 11:31 - 000137692 _____ C:\Users\maalp\Downloads\PY-03_25-generico_A_negrita.pdf
2025-03-25 11:28 - 2025-03-25 11:28 - 004106989 _____ C:\Users\maalp\Downloads\20201019192350003.pdf
2025-03-25 11:26 - 2025-03-25 11:26 - 007426069 _____ C:\Users\maalp\Downloads\PY - Apuntes.pdf
2025-03-25 11:26 - 2025-03-25 11:26 - 004673782 _____ C:\Users\maalp\Downloads\Planificación examen PDY.pdf

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2025-04-22 09:43 - 2024-12-12 09:21 - 000000000 ____D C:\FRST
2025-04-22 09:39 - 2022-02-24 14:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-04-22 09:38 - 2024-03-27 07:48 - 000000000 ____D C:\ProgramData\WifiWorker
2025-04-22 09:37 - 2021-09-02 11:58 - 000000000 ____D C:\Users\maalp\AppData\Local\D3DSCache
2025-04-22 09:37 - 2021-09-02 11:57 - 000000000 ____D C:\ProgramData\NVIDIA
2025-04-22 09:15 - 2023-02-08 13:58 - 000000000 ____D C:\Users\maalp\AppData\Roaming\Microsoft\MMC
2025-04-22 07:32 - 2023-07-17 07:25 - 000000000 ___HD C:\Users\maalp\Downloads\.opera
2025-04-22 07:32 - 2023-07-17 07:25 - 000000000 ___HD C:\Users\maalp\.opera
2025-04-22 07:20 - 2021-12-23 00:40 - 000000000 ____D C:\Windows\SystemTemp
2025-04-22 07:17 - 2023-03-23 12:14 - 000000000 ____D C:\Users\maalp\AppData\Roaming\AnyDesk
2025-04-22 07:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-22 07:17 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2025-04-22 07:17 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-21 13:02 - 2021-09-02 12:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-04-21 13:02 - 2021-09-02 12:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-04-21 13:01 - 2023-03-23 12:15 - 000000000 ____D C:\ProgramData\AnyDesk
2025-04-21 07:27 - 2024-10-08 11:06 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2025-04-21 07:24 - 2021-09-06 21:12 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-21 07:24 - 2021-09-02 11:47 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-21 07:23 - 2021-09-02 12:19 - 000000000 __SHD C:\Users\maalp\IntelGraphicsProfiles
2025-04-16 14:15 - 2022-01-15 20:58 - 000000000 ____D C:\Users\maalp\AppData\Roaming\vlc
2025-04-16 11:57 - 2022-09-27 10:07 - 000000000 ____D C:\Users\maalp\Desktop\certificados
2025-04-15 13:30 - 2021-09-02 11:47 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-04-15 07:27 - 2025-02-06 13:14 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2812633472-1768700836-3444156906-1001
2025-04-15 07:27 - 2021-12-15 10:00 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2812633472-1768700836-3444156906-1001
2025-04-15 07:27 - 2021-09-02 11:59 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2812633472-1768700836-3444156906-1001
2025-04-15 07:27 - 2021-09-02 11:56 - 000002417 _____ C:\Users\maalp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-11 14:54 - 2023-01-31 10:48 - 000000382 _____ C:\Users\maalp\Desktop\deportes junta andalucia.txt
2025-04-11 13:34 - 2022-09-20 10:46 - 000000000 ____D C:\ProgramData\boost_interprocess
2025-04-11 13:34 - 2022-09-20 10:45 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2025-04-11 07:14 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2025-04-10 07:32 - 2021-09-02 11:54 - 001683680 _____ C:\Windows\system32\PerfStringBackup.INI
2025-04-10 07:29 - 2021-09-02 11:47 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-04-10 07:26 - 2021-09-02 12:01 - 000000000 ____D C:\Intel
2025-04-10 07:26 - 2021-09-02 11:47 - 000008192 ___SH C:\DumpStack.log.tmp
2025-04-10 07:26 - 2021-09-02 11:47 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-04-09 14:38 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI
2025-04-09 14:37 - 2021-09-02 11:47 - 000466952 _____ C:\Windows\system32\FNTCACHE.DAT
2025-04-09 14:36 - 2024-07-23 15:39 - 000000000 ____D C:\Windows\system32\compatrel
2025-04-09 14:36 - 2019-12-07 16:55 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2025-04-09 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2025-04-09 07:47 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2025-04-09 07:43 - 2021-09-02 11:51 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-04-08 13:17 - 2021-09-21 16:58 - 000000000 ____D C:\Users\maalp\.fnmt
2025-04-08 07:22 - 2021-09-02 11:47 - 000003708 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-08 07:22 - 2021-09-02 11:47 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-03 12:24 - 2023-03-23 12:15 - 000000000 ____D C:\Program Files (x86)\AnyDesk

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 01-04-2025
Ejecutado por maalp (22-04-2025 09:44:41)
Ejecutado desde C:\Users\maalp\Desktop\frst64
Microsoft Windows 10 Home Versión 22H2 19045.5737 (X64) (2021-09-02 09:49:37)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

(Si una entrada es incluida en el fixlist, será eliminada.)

34607 (S-1-5-21-2812633472-1768700836-3444156906-1002 - Limited - Enabled) => C:\Users\34607
Administrador (S-1-5-21-2812633472-1768700836-3444156906-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2812633472-1768700836-3444156906-503 - Limited - Disabled)
Invitado (S-1-5-21-2812633472-1768700836-3444156906-501 - Limited - Disabled)
maalp (S-1-5-21-2812633472-1768700836-3444156906-1001 - Administrator - Enabled) => C:\Users\maalp
WDAGUtilityAccount (S-1-5-21-2812633472-1768700836-3444156906-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 25.001.20435 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AnycubicPhotonWorkshop (HKLM\...\AnycubicPhotonWorkshop) (Version:  - ANYCUBIC)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 9.5.0 - AnyDesk Software GmbH)
Asistente para la instalación de Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.8.2 - Gobierno de España)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.9.140.1014 - BlueStack Systems, Inc.)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Configurador FNMT (HKLM-x32\...\ConfiguradorFnmt) (Version: 3.0.1 - FNMT-RCM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.96 - Google LLC)
Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
LibreOffice 7.2.0.4 (HKLM\...\{C52FBB79-D0A7-4F28-9CEC-3B262694409B}) (Version: 7.2.0.4 - The Document Foundation)
Malwarebytes version 5.2.5.158 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.5.158 - Malwarebytes)
Master PDF Editor 5.1.30 (HKLM\...\Master PDF Editor 5.1.30_is1) (Version: 5.1.30 - Code Industry Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\...\OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\...\OneDriveSetup.exe) (Version: 23.119.0606.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 137.0.2 (x64 es-ES)) (Version: 137.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.0.2 - Mozilla)
Nitro PDF Pro (HKLM\...\{DBC11A95-B27B-4D08-88E7-90D8A8E05FE4}) (Version: 14.20.1.0 - Nitro)
NVIDIA Controlador de gráficos 441.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.93 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.61.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.24062.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.24062.1 - Samsung Electronics Co., Ltd.)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
viafirma desktop (HKLM-x32\...\{5B2FCA66-B73C-4A83-B0EA-C8BBF6FBA42D}) (Version: 1.3.3 - Viafirma)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-13] ()
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-13] (INTEL CORP) [Startup Task]
Clouds PREMIUM -> C:\Program Files\WindowsApps\Microsoft.CloudsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-02] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-10-20] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2812633472-1768700836-3444156906-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2812633472-1768700836-3444156906-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2024-01-26] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-12-12] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-01-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-12-12] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2023-05-05 08:18 - 2018-05-14 22:34 - 000026112 _____ (Copyright (c) Code Industry Ltd) [Archivo no firmado] C:\Windows\System32\mpelocalmon.dll
2023-05-05 08:14 - 2022-07-15 16:00 - 000094720 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) =============

HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2023-02-08 14:31 - 2023-02-08 14:32 - 000000444 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-2812633472-1768700836-3444156906-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-2812633472-1768700836-3444156906-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.102.19
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Wi-Fi: Intel(R) Dual Band Wireless-AC 7265 -> Netwtw04.sys
Conexión de red Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{5515B670-ECE8-4477-B702-855020F15FA4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3D43BCAD-68EC-492E-9CE9-89AAB28FC8A9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A4FE6DA-B40C-4E7E-AC0E-154E1232D1E2}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Ningún archivo
FirewallRules: [{B0AD8C07-E73D-439D-B65B-5F7FEC07C97C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Ningún archivo
FirewallRules: [TCP Query User{231F3607-E1DF-4B36-8339-6586689E5018}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{6D3C3E79-1850-4CBE-982D-BB336133F05A}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{F79DFB28-C988-444E-A7C0-45368E074401}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Ningún archivo
FirewallRules: [{AF6F4DEE-FB27-4F2C-8D27-6E6A7C2A70D2}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Ningún archivo
FirewallRules: [{19DB4FB6-8E09-4D9A-B0C2-F876CC01A483}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [TCP Query User{4DCBBB10-F902-4CDE-A32D-B84E6937C349}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{58A48F6B-5E2E-4CFF-9CFF-FE85D8B90698}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{C588D4F8-A53D-4CFE-AA26-FCCBA20A9DC3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F95313A8-74BC-4B16-9EDD-FC0C802367FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB5E6A8D-65E9-484B-AAAE-44A40E3CD6A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F335940C-3E4C-4AB2-90C4-4473712FFBE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E92AFE55-6DB2-4A94-837F-524708712E17}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{01BFCBFB-12C7-4605-B6AC-BA81901C3CA7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{6D64B901-F00D-48E2-B69D-4809E46BC4A8}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{2AFC8465-DFB5-4546-93E0-5B07B0EB9991}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{328C992D-76E9-456D-8965-4ACC24465209}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{80EDD6F2-13F4-4700-83B5-28A0D3DD8480}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)

==================== Puntos de Restauración =========================

21-04-2025 10:31:40 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: Controladora de memoria PCI
Description: Controladora de memoria PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo PCI
Description: Dispositivo PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controladora de bus SM
Description: Controladora de bus SM
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controladora de adquisición de datos y procesamiento de señal PCI
Description: Controladora de adquisición de datos y procesamiento de señal PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controladora simple de comunicaciones PCI
Description: Controladora simple de comunicaciones PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo base del sistema
Description: Dispositivo base del sistema
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================

Errores del sistema:
=============

Windows Defender:
================
Date: 2024-12-13 07:58:59
Description: 
Antivirus de Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
Severity: Alta
Category: Herramienta
Path: file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\patch.rar
Detection Origin: Equipo local
Detection Type: Concreto
Detection Source: Protección en tiempo real
Process Name: C:\Users\maalp\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Security intelligence Version: AV: 1.421.769.0, AS: 1.421.769.0, NIS: 1.421.769.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2024-12-12 08:51:54
Description: 
Antivirus de Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
Severity: Alta
Category: Herramienta
Path: file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise-patch.exe; file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise.(x64)-patch.exe; file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise.(x86)-patch.exe
Detection Origin: Equipo local
Detection Type: Concreto
Detection Source: Protección en tiempo real
Process Name: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Security intelligence Version: AV: 1.421.733.0, AS: 1.421.733.0, NIS: 1.421.733.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2024-12-12 08:51:54
Description: 
Antivirus de Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
Severity: Alta
Category: Herramienta
Path: file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise-patch.exe; file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise.(x64)-patch.exe
Detection Origin: Equipo local
Detection Type: Concreto
Detection Source: Protección en tiempo real
Process Name: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Security intelligence Version: AV: 1.421.733.0, AS: 1.421.733.0, NIS: 1.421.733.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2024-12-12 08:51:53
Description: 
Antivirus de Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
Severity: Alta
Category: Herramienta
Path: file:_C:\Users\maalp\Desktop\CUADRANTES\cuadrantes securitas\pdf editor\Nitro.PDF.Pro.v14.20.1.0.Enterprise.Multilingual.Incl.Patch\nitro.pro.14.5.x.enterprise-patch.exe
Detection Origin: Equipo local
Detection Type: Concreto
Detection Source: Protección en tiempo real
Process Name: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Security intelligence Version: AV: 1.421.733.0, AS: 1.421.733.0, NIS: 1.421.733.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2024-12-12 08:41:47
Description: 
Antivirus de Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
Severity: Alta
Category: Herramienta
Path: file:_C:\Program Files\Nitro\PDF Pro\14\nitro.pro.14.5.x.enterprise.(x64)-patch.exe
Detection Origin: Equipo local
Detection Type: Concreto
Detection Source: Protección en tiempo real
Process Name: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Security intelligence Version: AV: 1.421.733.0, AS: 1.421.733.0, NIS: 1.421.733.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11
Event[0]:

Date: 2024-01-08 13:58:36
Description: 
Antivirus de Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.403.916.0
Update Source: Servidor de Microsoft Update
Security intelligence Type: AntiVirus
Update Type: Completa
Current Engine Version: 
Previous Engine Version: 1.1.23110.2
Error code: 0x8024001e
Error description: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2023-10-27 15:26:02
Description: 
Antivirus de Microsoft Defender has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Actual
Error Code: 0x80501102
Error description: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 
Security intelligence Version: 1.399.1393.0;1.399.1393.0
Engine Version: 1.1.23090.2007

CodeIntegrity:
===============
Date: 2024-12-13 10:25:48
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SUPERAntiSpyware\sasdifsv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2024-12-13 10:25:48
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SUPERAntiSpyware\saskutil64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2024-12-12 12:34:26
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. GL553VD.308 04/29/2019
Placa base: ASUSTeK COMPUTER INC. GL553VD
Procesador: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Porcentaje de memoria en uso: 39%
RAM física total: 12173.02 MB
RAM física disponible: 7373.82 MB
Virtual total: 20877.02 MB
Virtual disponible: 15750.21 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:222.84 GB) (Free:50.55 GB) (Model: TOSHIBA-TR150) NTFS
Drive d: (almacenamiento) (Fixed) (Total:930.46 GB) (Free:575.23 GB) (Model: HGST HTS721010A9E630) NTFS

\\?\Volume{3535cb34-b542-4f2b-9828-85dd39b04ec0}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{a66a22e5-a5f1-42ca-b41b-9eb223a032de}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.38 GB) NTFS
\\?\Volume{9b2e3b46-cf59-47d4-8138-f7592f4e1fae}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 7A4CA373)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 768AB6FB)

Partition: GPT.

==================== Final de Addition.txt =======================
21

Gracias por el registro. ¿Podrías describir los síntomas que estás experimentando?

1 me gusta
22

hola buenos días !

pues en principio ya va bien el acento…no sale la doble tilde.

lo único que veo es algún programa tipo anydesk que me sale error al iniciar el equipo y nada mas.