Mi pc esta infectada?

Buenas tardes lo que pasa es que e notado un comportamiento un tanto lento y raro en mi pc, descargue el Rkill en en escritorio pero no aparece.

image1366×768 137 KB

pero en en otra ubicación si.

image1366×768 87.5 KB

reaice le escaneo con el Rkill y esto arrojó.

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2023 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/18/2023 02:31:30 PM in x64 mode.
Windows Version: Windows 10 Pro 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Reparse Point/Junctions Found (These may be legitimate)!

     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\98b69696432275ca8d1ca7dbe4debcb7\System.EnterpriseServices.Wrapper.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\e4b5d7c25346cfe7b3ee6f858630bde8\System.EnterpriseServices.Wrapper.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Temp\2770-0\System.Management.Automation.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Comp46f2b404#\89958c56ec379704112075bdbb455886\System.ComponentModel.DataAnnotations.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Runtc259d85b#\02aaf74fb2097e13ada5f95707b4349c\System.Runtime.WindowsRuntime.UI.Xaml.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web\0bc179a6f5376dabed45d64773e7a963\System.Web.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web\29aef85063fd1fd476449a1433dce086\System.Web.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web\2bb624554614d0693ed1146042b7529a\System.Web.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web\3d048f94bbb738453959c8b2244ca5ac\System.Web.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web\3ffa72455ba94861a2a7282d07aa87e2\System.Web.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web\68870ce8a2db4363ee4bc9300930b5a2\System.Web.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web\780a5f83758d3c0615c7f2f2066992e4\System.Web.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web\7f57ae7af0cd07dbcea4e4a6f98b12c1\System.Web.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web\ce6c34ce3eb3ce9c445ba20b3808279d\System.Web.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web\d3006520736b4db1e37faeb51a0926b1\System.Web.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\2bdf9b7335f4ef812c36f47f81814fc1\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\3eb5d0201635034865d3e567b9565ead\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\8fb44d265785ba5708ca3d815aa35710\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\c7b9e93ec25e2b71ca31fc965ad741fd\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\cc5711289f164819219c86f58c6cd60a\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\d9fa08efbd5bf32f8168525c4c24d3cb\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\dfc6b46d7b7288b18f4023767074c910\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\e0fc057268d7d2648ea1a71167a5e2e5\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\f05edc67630d1eceb25cc440b105b16f\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.Services\319ebe01416fa5360ad1204d76b403b3\System.Web.Services.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\0ef351b743727230f868e47fa0ce4a1d\System.Xml.Linq.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Temp\25dc-0\Microsoft.PowerShell.Activities.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Temp\2680-0\EventViewer.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\fdf48db65ef9f379b96c2e87f0ca00a6\Windows.ApplicationModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\119ed91d690c6db43dea4175d589fe5b\Windows.Networking.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\e5dc97cabe736703bca6b73010718b8c\Windows.Networking.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\1e040d6f4d615b1a65dac7a72a7c9cf4\Windows.Storage.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\218540819eaa1161c96565b3796ad8c2\Windows.Storage.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\389a661ae55065e4c1876d6cf81bd5df\Windows.Storage.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\6f9ae94772060a2e698bd0b3af207b52\Windows.Storage.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\1d337134b9b42e53bc017ae60ae0b59d\Windows.System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\5f5eca705f1eb36d2363512a07647dde\Windows.System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\64a0c1c720b5cbe0cb41c3ab7a141faa\Windows.System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\a5e7804114afd5e1d3a5e6ec3ee63666\Windows.System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\f681d3d15e627a66ed696550bc9076bd\Windows.System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\330e0bd7c71aa5772aa7aefb0177fc1d\Windows.UI.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\37f2822484db595e2492486cbbba998a\Windows.UI.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\c88157fd8676162fcb8c9ea62a2b422f\Windows.UI.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\2Y7EWSDJAJ\System.Runtime.Serialization.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\3NBHSNMCMA\System.ServiceProcess.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\79CK2TTLNF\System.Runtime.Serialization.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\8W4RNGFMX8\System.Management.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\ERPEBU5OLT\System.Numerics.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\GGL3MEPVRT\System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\L9P5P7UPN0\System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\NOOZRS6FOE\System.Xml.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\UYD6TZFUW9\System.Transactions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\XT99KUBPJ3\System.Xml.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\ZMAHVOVS19\System.Drawing.ni.dll => <Unknown Target> [File]

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 01/18/2023 02:51:09 PM
Execution time: 0 hours(s), 19 minute(s), and 39 seconds(s)

Es de de alarmarse?

Hola buenas @mario006

Ok.

Ok.

Ok.

No es concluyente.

Entiendo que quieres saber si hay malware en tu máquina.

¿Cierto?

¿Quieres que iniciemos procesos para buscar y eliminar malware en tu máquina?

Me comentas.

Salu2.

Buenas noches, sí señor gracias.

Hola buenas @mario006

Perfecto. Vamos allá.

EN BUSCA / ELIMINACIÓN DE MALWARE

(Mantén conectados todos tus dispositivos externos que tengas como: USBs, discos duros externos, etc).

Por favor, descarga todo el software de los enlaces que pongo/de sus respectivos manuales.

Ahora ejecutarás una serie de herramientas respetando el orden, los pasos con todos los programas cerrados, incluidos los navegadores.

Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas y discos duros externos si también tienes.

Realiza los pasos que te pongo a continuación, sin cambiar el orden y síguelos al pie de la letra:

0) Descarga Ccleaner Aquí te dejo su manual: Manual de CCleaner , para que sepas como usarlo y configurarlo correctamente.

Lo instalas y lo ejecutas. En la pestaña Limpieza personalizada dejas la configuración predeterminada. Haces clic en Analizar y esperas a que termine. Seguidamente, haz clic en Ejecutar Limpiador. Clic en la pestaña Registro > clic en Buscar Problemas esperas que termine. Finalmente, clic en Reparar Seleccionadas y realizas una Copia de Seguridad del registro de Windows.

1) Descarga, instala, actualiza y ejecuta Malwarebytes’ Anti-Malware. Aquí te dejo su manual: Manual de Malwarebytes, para que sepas como usarlo y configurarlo correctamente.

• Realizas un Análisis Personalizado, marcando Todas las casillas de la Derecha y de la Izquierda, actualizando si te lo pide. Es decir: conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas, incluida la que me has dicho anteriormente y marcas todas las unidades de disco disponibles y las siguientes casillas:

• Pulsar en “Eliminar Seleccionados” para enviar las infecciones a la cuarentena y Reinicias el ordenador.
• Para acceder posteriormente al informe del análisis te diriges a: Informes >> Registro de análisis >> pulsas en Exportar >> Copiar al Portapapeles y pones el informe en tu próxima respuesta.

2) Descarga Adwcleaner en el escritorio.

• Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7/8 u 10 presiona clic derecho y selecciona “Ejecutar como Administrador.”)
• Pulsar en el botón Analizar Ahora, y espera a que se termine el análisis. Inmediatamente, pulsa sobre el botón Iniciar Reparación.
• Espera a que termine y sigue las instrucciones que te aparezcan. Si te pidiera Reiniciar, pues reinicias el ordenador pulsando en Aceptar.
• Si no encuentra nada, pulsa en Omitir Reparación.
• El log lo encontrarás en la pestaña Informes, volviendo a abrir el programa, si es necesario o en la siguiente ubicación: C:\AdwCleaner\Logs\AdwCleaner[C0].txt.
• Para más información aquí te dejo su manual: Manual de Adwcleaner.
• Activa de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.

3) Utiliza nuevamente CCleaner tal como te dije en el punto 0.

Pegas los reportes de Malwarebytes y AdwCleaner y comentas como va el problema inicial planteado por el cual abriste este tema. También responde a las preguntas que te haya realizado a lo largo de este Post, siempre que te haya hecho alguna, si no, no

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

Hola buena tarde envió el reporte de Malwarebytes

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 20/1/23
Hora del análisis: 11:31
Archivo de registro: d8d0c790-98df-11ed-813a-00ff0368f798.json

-Información del software-
Versión: 4.5.20.230
Versión de los componentes: 1.0.1868
Versión del paquete de actualización: 1.0.64813
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 19045.2486)
CPU: x64
Sistema de archivos: NTFS
Usuario: Arturo-Parra\ArturoParra

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 468296
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 2 hr, 28 min, 0 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Disculpa la demora.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    01-21-2023
# Duration: 00:00:10
# OS:       Windows 10 (Build 19045.2546)
# Scanned:  32082
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Hola buenas @mario006

Tranquilo no pasa nada.

Ambos informes han sido realizados correctamente y están totalmente limpios. La verdad es que por lo que respecta a infecciones tu máquina la veo muy bien, ya que de momento no han encontrado nada. Vamos a realizar algún análisis más, pero no creo que esté infectada.

EN BUSCA / ELIMINACIÓN DE MALWARE

Realiza los pasos que te pongo a continuación, sin cambiar el orden y síguelos al pie de la letra:

Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, USB, etc). Inicias el ordenador en Modo Normal.

0) Descarga Eset Online Scaner Manual de Uso y realizas un análisis del PC, lee detalladamente las instrucciones y realizas un Análisis Personalizado tal y como se indica en su manual. Me traes su reporte.

1) Descarga Kasperky Virus Removal Tool Manual de Uso y realizas un análisis del PC, lee detalladamente las instrucciones y lo realizas tal y como se indica en su manual. En este caso no da reporte alguno, cuando finalice, presionas en la pestaña Report tal y como se indica en su manual y haces una captura de pantalla y la subes.

¿Como subir imágenes al Foro?

PRÓXIMA RESPUESTA

Pegas los reportes de Eset Online Scaner y Kasperky Virus Removal Tool (captura) y comentas como va el PC.

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

Buenas noches @Marr0n , tengo dos noticias; la primera es que analice el pc con el E.O.S y este eliminó un pequeño virus, el .exe de esa carpeta.

image863×292 24.5 KB

Lo segundo es que no me percate que tenia activo el Glary Utilities, y este realizo limpieza y borro los Temp donde se encontraba el Log , pero la amenaza la elimino.

Kasperky Virus Removal Tool (captura)

Al terminar los análisis la pc quedo un poco lenta en el funcionamiento , ha de ser que fue mucha carga.

Hola buenas @mario006

OK. Todo y por lo que veo es muy probable que fuese un Falso Positivo.

¿Tú reconoces o instalaste este programa?

Ok.

No, no es eso.

Tu máquina está muy limpia y no tiene malware.

Miraremos un poco las entrañas de esta a ver si vemos que es lo que causa lentitud.

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Farbar Recovery Scan Tool

1. Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).

2. Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.

3. En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.

4. Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.

PRÓXIMA RESPUESTA

Pegas los reportes de FRST.txt y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

Hola @Marr0n

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 24-01-2023
Ejecutado por ArturoParra (24-01-2023 12:19:06)
Ejecutado desde C:\USUARIO\Desktop
Microsoft Windows 10 Pro Versión 22H2 19045.2546 (X64) (2020-06-25 17:20:57)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-1475189372-905897940-3643049737-500 - Administrator - Disabled)
ArturoParra (S-1-5-21-1475189372-905897940-3643049737-1001 - Administrator - Enabled) => C:\Users\USUARIO
DefaultAccount (S-1-5-21-1475189372-905897940-3643049737-503 - Limited - Disabled)
Invitado (S-1-5-21-1475189372-905897940-3643049737-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1475189372-905897940-3643049737-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Security Cloud (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: Kaspersky Security Cloud (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Anki (HKLM-x32\...\Anki) (Version: 2.1.54 - )
Audacity 3.2.3 (HKLM\...\Audacity_is1) (Version: 3.2.3 - Audacity Team)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 109.1.47.171 - Los creadores de Brave)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Documentation Manager (HKLM\...\{2E843C78-FE5B-446C-A2AC-DE311FE1D78A}) (Version: 22.140.0.3 - Intel Corporation) Hidden
draw.io 20.8.10 (HKLM\...\27a75bf3-be48-5c35-934f-8491cf108abe) (Version: 20.8.10 - JGraph)
FFmpeg v2.2.2 for Audacity - 64bit (HKLM\...\FFmpeg for Audacity_is1) (Version:  - )
Glary Utilities PRO 5.200 (HKLM-x32\...\Glary Utilities 5) (Version: 5.200.0.229 - Glarysoft Ltd)
Intel Driver && Support Assistant (HKLM-x32\...\{E4EC6B50-5A65-41DD-AC35-E1839BF685E8}) (Version: 22.8.50.7 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{0703311b-31d5-4c17-9668-c48dee4b7749}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{34663e82-6c5e-4b48-b1b1-fee1881dc39b}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{7e58df71-ff1c-43fd-a618-5511b76c0dd9}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{b67002e1-a877-4be9-af96-6f8867bc5b12}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1950.14.0.1443 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{2FA1D256-7068-489B-9917-11A4C39D2AC5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{84784ACA-42D1-48CD-89FD-E7D8E39AE432}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{75BBE775-9A38-4D06-A47F-0518EA4C9AB7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{0940A8E6-DBBC-4554-B07D-EBFB10627716}) (Version: 30.100.2020.7 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2020.7 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.58.48.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.58.48.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2391a86e-5ab5-40d2-a274-1867cd576686}) (Version: 1.58.48.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000140-0220-1034-84C8-B8D95FA3C8C3}) (Version: 22.140.0.4 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{ff7ef6db-5d66-4ebe-827f-09d6cea8ee1e}) (Version: 22.8.50.7 - Intel)
Intel® Software Installer (HKLM-x32\...\{b3bbf46b-6ffd-4f54-8d1f-26206cfe1739}) (Version: 22.140.0.3 - Intel Corporation) Hidden
Java 8 Update 361 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180361F0}) (Version: 8.0.3610.9 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{FEA95EF1-A4FE-3E02-B1C8-B79136C3A44A}) (Version: 21.8.5.452 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FEA95EF1-A4FE-3E02-B1C8-B79136C3A44A}) (Version: 21.8.5.452 - Kaspersky)
K-Lite Codec Pack 17.4.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.4.0 - KLCP)
Microsoft .NET Core Host - 3.1.28 (x64) (HKLM\...\{26ECE92F-518E-40AF-9108-7B7B444A46DE}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.28 (x64) (HKLM\...\{CDEA72F4-1367-4E0A-AC5F-0EBAF7C6825A}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM\...\{3691148D-EF42-4812-8956-AE11FC413B8D}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM-x32\...\{231e3b76-4d0f-4e60-9d69-f11c9c448630}) (Version: 3.1.28.31513 - Microsoft Corporation)
Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft Office LTSC Professional Plus 2021 - es-es (HKLM\...\ProPlus2021Volume - es-es) (Version: 16.0.15028.20160 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{E1F8AD73-09C5-434A-A2C4-15EC6B98CF21}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{C022DCCA-DEA7-458A-97D1-F5BD4AAEE4A0}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{ba8ab6bd-ad21-447e-b617-feee84353247}) (Version: 5.0.10.30418 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
NVIDIA Controlador de gráficos 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15028.20050 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15028.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.15028.20094 - Microsoft Corporation) Hidden
PDF-XChange Editor (HKLM\...\{C41347AF-84A5-43C9-8212-5A97B2083ACB}) (Version: 9.5.366.0 - Tracker Software Products (Canada) Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Stardock Start10 (HKLM\...\Start10_is1) (Version: 1.7 - Stardock Software Inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.61 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
YACReader v9.11.0.2301073 (HKLM\...\YACReader_is1) (Version: 9.11.0.2301073 - )

Packages:
=========
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt [2022-12-25] (INTEL CORP) [Startup Task]
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-08-29] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-23] (Microsoft Corporation)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20500.501.0_x64__rz1tebttyb220 [2021-01-05] (Dolby Laboratories)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_17.9.1008.0_x64__8j3eq9eme6ctt [2020-06-22] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-06-01] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2022-11-10] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-06-28] (NVIDIA Corp.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-04-30] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-03-13] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-03-13] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-04-30] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-03-13] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b169173487045715\nvshext.dll [2021-06-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-03-13] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2022-06-28 13:26 - 2022-06-28 13:26 - 005998080 _____ () [Archivo no firmado] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll
2019-12-08 21:58 - 2019-04-19 07:29 - 000095744 _____ () [Archivo no firmado] C:\WINDOWS\Womtrust.dll
2022-12-25 18:10 - 2022-12-25 18:10 - 041845248 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.dll
2019-12-08 21:58 - 2019-04-19 07:29 - 000182448 _____ (Stardock Corporation -> Stardock Software, Inc) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Stardock\Start10\Start10Shell64.dll
2019-12-08 21:58 - 2019-04-19 07:29 - 001686552 _____ (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Stardock\Start10\Start10_64.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\79264569.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMInstallerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\79264569.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMInstallerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\jp2ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\sharepoint.com -> hxxps://esapedu-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2022-10-16 19:28 - 2022-10-16 19:28 - 000000836 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files (x86)\dotnet\
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\Control Panel\Desktop\\Wallpaper -> c:\usuario\pictures\tabla ffonetica ingles.png
DNS Servers: 1.1.1.1 - 208.67.222.123
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: brave => 2
MSCONFIG\Services: bravem => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: KSDE4.0 => 2
MSCONFIG\Services: MozillaMaintenance => 3
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{79F1DAD0-4FBA-406B-B0E2-468BF81DBE97}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{ACFAAE16-4F1B-473C-9393-C27BB7C9319D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/23/2023 09:56:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa LockApp.exe (versión 10.0.19041.2193) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 2e90

Hora de Inicio: 01d92f99831d3e24

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Id. de informe: e02505c1-170b-415f-8026-5646d09054b5

Nombre completo del paquete con errores: Microsoft.LockApp_10.0.19041.1023_neutral__cw5n1h2txyewy

Id. de la aplicación relativa al paquete con errores: WindowsDefaultLockScreen

Tipo de bloqueo: Quiesce

Error: (01/23/2023 05:03:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa explorer.exe (versión 10.0.19041.2546) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 520

Hora de Inicio: 01d92f75fbc75d0a

Hora de finalización: 33

Ruta de la aplicación: C:\Windows\explorer.exe

Id. de informe: e2a954b2-f827-43ab-9c3f-8bd39df5dd77

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Unknown

Error: (01/23/2023 04:58:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ESETOnlineScanner.exe, versión: 10.23.31.0, marca de tiempo: 0x61e82da2
Nombre del módulo con errores: WININET.dll, versión: 11.0.19041.2193, marca de tiempo: 0x06482a9b
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x002cc01b
Identificador del proceso con errores: 0x2edc
Hora de inicio de la aplicación con errores: 0x01d92f75c137e237
Ruta de acceso de la aplicación con errores: C:\Users\USUARIO\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\WININET.dll
Identificador del informe: 70752703-d1d1-4cc8-b1b3-b18be1ec2de8
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============

Windows Defender:
================
Date: 2023-01-18 17:28:41
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {A9FD7765-C89F-4071-AC39-1C654E056F93}
Tipo de examen: Antimalware
Parámetros de examen: Examen completo
Usuario: ARTURO-PARRA\ArturoParra

Date: 2023-01-18 17:16:15
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {DB63EE1A-56E4-4010-8853-E7BE8A1D5A3D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-01-09 18:51:55
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {7CC775D0-618B-43CB-B880-904292FFF3C0}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-01-08 13:18:05
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {AA602A83-3041-4179-8A2D-A586CE1B5642}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-01-07 16:53:11
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {7FE76C8B-98E6-46B5-A186-527DB9E7E3AD}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-01-24 12:15:37
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: LENOVO ASCN51WW 05/14/2021
Placa base: LENOVO LNVNB161216
Procesador: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Porcentaje de memoria en uso: 51%
RAM física total: 8072.24 MB
RAM física disponible: 3924.86 MB
Virtual total: 12248.86 MB
Virtual disponible: 7282.41 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:121.18 GB) (Free:43.16 GB) (Model: WDC WD10SPZX-24Z10) NTFS
Drive d: () (Fixed) (Total:809.44 GB) (Free:740.8 GB) (Model: WDC WD10SPZX-24Z10) NTFS

\\?\Volume{a4b7e769-d565-440a-9612-4b7e1b490f63}\ () (Fixed) (Total:0.77 GB) (Free:0.08 GB) NTFS
\\?\Volume{d3283a6c-63f3-40a4-b14d-3705c18f7b97}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==================== Final de Addition.txt =======================

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 24-01-2023
Ejecutado por ArturoParra (administrador) sobre ARTURO-PARRA (LENOVO 81MU) (24-01-2023 12:16:04)
Ejecutado desde C:\USUARIO\Desktop
Perfiles cargados: ArturoParra
Plataforma: Microsoft Windows 10 Pro Versión 22H2 19045.2546 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Brave
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler64.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
(C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe ->) (Stardock Corporation -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10_64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(services.exe ->) (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5d54dd32fa1ef4d4\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5d54dd32fa1ef4d4\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_86dc7f4c001ddecd\RstMwService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_b169173487045715\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Stardock Corporation -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [291080 2022-12-14] (Intel Corporation -> Intel)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [3218736 2023-01-12] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [953600 2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\109.1.47.171\Installer\chrmstp.exe [2023-01-12] (Brave Software, Inc. -> Brave Software, Inc.)
BootExecute: autocheck autochk *  

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0517CE26-1BBE-4DD0-9F73-D0195A815B33} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0997F244-33FD-4AFC-92FD-448F5235F02C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-12-14] () [Archivo no firmado]
Task: {09DDCC2A-FBA9-422A-A4D2-F575E703017A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0CB98714-08C5-4507-92A6-4DB182F6A5B7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {13D9E5E7-C2C5-44B9-A35A-2AC27DF9B6E9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {175C5518-6123-434B-9B91-B17620129A07} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [6703360 2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Task: {21198DF3-7F3A-4A61-ADCD-7217DE3381CB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138680 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {21F4AA4A-A044-4328-8E40-7EE3064B87F9} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1475189372-905897940-3643049737-1001 => C:\Users\USUARIO\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (Ningún archivo)
Task: {22EF0E82-6AC0-41BC-B2AD-610420E5A443} - System32\Tasks\Uninstall AdwCleaner Application => C:\USUARIO\Desktop\adwcleaner.exe /uninstall (Ningún archivo)
Task: {26B558AF-6CAE-4047-9700-6E6D600590A1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {37641224-4EC0-4BDA-BDBC-133A2E38DBF6} - System32\Tasks\GlaryOneClickOptimizer 5 => C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe [241408 2023-01-14] (Glarysoft LTD -> Glarysoft Ltd)
Task: {42060297-FA15-4369-BCD3-B94FB2F05714} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {427803A3-252F-465F-8C86-97ECF88A34EC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138680 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CFA5F76-07B0-4132-9BFB-9A7D326E747C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {51C3B664-D63E-4A5F-96D4-CBB595DE82F3} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {542F562C-8572-48A1-BB67-FEDAF5216594} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{75755994-8C1B-423C-BEE7-85482A950B5B} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2022-10-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {59598B8B-A2BB-4B2E-8503-C8363D4FCD50} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{603269AD-5960-4DB8-B286-41EDEB27CABE} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2022-10-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {698A3446-E4F0-48B8-BC86-1C91ADE5053B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8338896 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {76694EBF-0344-49D0-AC99-17EFFBC6D0B2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {769A0D54-C64A-44D2-872A-8771F7F1A0CC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled (Ningún archivo)
Task: {7AF053A0-4ED6-4FF3-B3F5-714EC56E0F69} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8338896 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {A13C52D8-A233-47BB-81DF-2560AAF1033B} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (Ningún archivo)
Task: {B1CB4E6B-730F-4476-A48C-D2D682FD39D1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1CCA928-7383-4F17-9EF5-960B955991BC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C22EC83D-05DE-45AC-B12C-2700D5F820BE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {C87D4407-0B19-4C18-A6D8-3675E06898D4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C9897783-007C-4577-B41C-B2BD65D4C8AA} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (Ningún archivo)
Task: {CAC8A661-1FDE-4A95-AF2F-97D4673525F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4F33D03-E8FD-4DBD-B8AE-038D737CECD0} - System32\Tasks\Remove AdwCleaner Application => CMD.EXE /C DEL /F /Q "C:\USUARIO\Desktop\adwcleaner.exe"

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{12bcacf5-d72b-40e9-95cf-ed275e5c3760}: [NameServer] 1.1.1.1,208.67.222.123
Tcpip\..\Interfaces\{12bcacf5-d72b-40e9-95cf-ed275e5c3760}: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{af2ecd92-96f2-43a5-9e2c-04459cd99b93}: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{d46be5a9-dac9-477e-9fc2-4865800dbbed}: [NameServer] 198.51.100.1,198.51.100.2

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1475189372-905897940-3643049737-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1475189372-905897940-3643049737-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1475189372-905897940-3643049737-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

Brave: 
=======
BRA Profile: C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-01-24]
BRA Extension: (Traductor de Google) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-09-17]
BRA Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-01-19]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-14]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-01-23]
BRA Extension: (Brave NTP background images) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-11]
BRA Extension: (Wallet Data Files Updater) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-01-13]
BRA Extension: (Brave Ad Block Updater (Easylist-Cookie List - Filter Obtrusive Cookie Notices (plaintext))) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-01-23]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-12-02]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2022-09-18]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish (plaintext))) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\fejmaeodjeekfldnbegjagemjgnmhfof [2023-01-23]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-01-12]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-01-23]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-05-09]
BRA Extension: (Brave Ad Block Updater (Easylist-Cookie List - Filter Obtrusive Cookie Notices)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfgnenkkneohplacnfabidofpgcdpofm [2022-12-02]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2022-12-16]
BRA Extension: (Brave NTP sponsored images) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\ogdjnhmejccgjdnclbeghpffmecndeai [2023-01-24]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-01-17]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\pdecoifadfkklajdlmndjpkhabpklldh [2022-12-02]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2022-02-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2022-10-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2022-10-16] (Brave Software, Inc. -> BraveSoftware Inc.)
R3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-03-29] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [42248 2022-12-14] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [207624 2022-12-14] (Intel Corporation -> Intel)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [381808 2020-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R3 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [886528 2023-01-14] (Glarysoft LTD -> Glarysoft Ltd)
S3 GUPMService; C:\Program Files (x86)\Glary Utilities 5\GUPMService.exe [73984 2023-01-14] (Glarysoft LTD -> Glarysoft Ltd)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 KSDE5.8; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe [32008 2022-10-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-01-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Start10; C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe [220440 2019-04-19] (Stardock Corporation -> Stardock Software, Inc)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b169173487045715\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b169173487045715\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112336 2019-10-02] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
S3 clwvd7; C:\WINDOWS\System32\drivers\clwvd7.sys [42968 2015-03-24] (CyberLink Corp. -> CyberLink Corporation)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [45056 2022-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
S3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [717448 2022-11-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1729160 2022-11-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [244832 2022-11-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [96128 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [382304 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [359976 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [190048 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [270672 2022-10-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [34880 2018-05-09] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2020-07-06] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2021-05-13] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-27] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-01-24 12:15 - 2023-01-24 12:16 - 000000000 ____D C:\FRST
2023-01-23 10:47 - 2023-01-23 17:07 - 000001396 _____ C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-01-21 14:53 - 2023-01-21 14:53 - 000003294 _____ C:\WINDOWS\system32\Tasks\Remove AdwCleaner Application
2023-01-21 14:53 - 2023-01-21 14:53 - 000003276 _____ C:\WINDOWS\system32\Tasks\Uninstall AdwCleaner Application
2023-01-20 14:43 - 2023-01-20 14:43 - 000000000 ___HD C:\$WinREAgent
2023-01-20 13:31 - 2023-01-20 13:31 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Sun
2023-01-20 13:30 - 2023-01-20 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-01-20 13:30 - 2023-01-20 13:30 - 000000000 ____D C:\Program Files (x86)\Java
2023-01-20 13:30 - 2023-01-09 09:14 - 000168096 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2023-01-19 19:38 - 2023-01-19 19:38 - 000003694 _____ C:\WINDOWS\system32\Tasks\TrackerAutoUpdate
2023-01-19 15:09 - 2023-01-19 15:12 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Studio_pomaranča_d.o.o__O
2023-01-18 14:54 - 2023-01-20 14:21 - 000000000 ____D C:\Program Files\Malwarebytes
2023-01-18 12:01 - 2023-01-18 12:01 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Tracker Software
2023-01-18 12:01 - 2023-01-18 12:01 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Tracker Software
2023-01-18 12:00 - 2023-01-19 19:37 - 000000000 ____D C:\ProgramData\Tracker Software
2023-01-18 12:00 - 2023-01-18 12:00 - 000001125 _____ C:\Users\Public\Desktop\PDF-XChange Editor.lnk
2023-01-18 12:00 - 2023-01-18 12:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software
2023-01-18 12:00 - 2023-01-18 12:00 - 000000000 ____D C:\ProgramData\FileOpen
2023-01-18 12:00 - 2023-01-18 12:00 - 000000000 ____D C:\Program Files\Tracker Software
2023-01-18 12:00 - 2023-01-18 12:00 - 000000000 ____D C:\Program Files\Common Files\Tracker Software
2023-01-18 12:00 - 2022-12-12 16:29 - 000953600 _____ (Tracker Software Products (Canada) Ltd.) C:\WINDOWS\system32\pxcpmL.dll
2023-01-11 12:13 - 2023-01-11 12:13 - 000000604 _____ C:\Users\USUARIO\OneDrive\Documentos\Ciberseguridad_Introducción.drawio
2023-01-08 12:00 - 2023-01-08 12:00 - 000000000 ____D C:\Users\USUARIO\AppData\Local\YACReader
2023-01-08 11:58 - 2023-01-08 11:58 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YACReader
2023-01-08 11:58 - 2023-01-08 11:58 - 000000000 ____D C:\Program Files\YACReader
2023-01-04 14:54 - 2023-01-04 18:18 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2023-01-04 14:54 - 2023-01-04 15:07 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-04 14:54 - 2023-01-04 15:07 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-04 14:44 - 2023-01-04 18:05 - 000000000 ____D C:\Program Files\Image-Line
2023-01-04 14:28 - 2023-01-21 12:36 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\audacity
2023-01-04 14:28 - 2023-01-04 14:28 - 000000865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2023-01-04 14:28 - 2023-01-04 14:28 - 000000000 ____D C:\Users\USUARIO\AppData\Local\audacity
2023-01-04 14:28 - 2023-01-04 14:28 - 000000000 ____D C:\Program Files\Audacity
2023-01-04 11:33 - 2023-01-04 14:28 - 000000000 ____D C:\Temp
2022-12-27 10:44 - 2020-10-15 01:14 - 000305984 _____ C:\WINDOWS\system32\libmfxhw64.dll
2022-12-27 10:44 - 2020-10-15 01:14 - 000254512 _____ C:\WINDOWS\SysWOW64\libmfxhw32.dll
2022-12-27 10:44 - 2020-10-15 01:14 - 000171464 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2022-12-27 10:44 - 2020-10-15 01:14 - 000146744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-12-26 14:00 - 2022-12-26 14:00 - 000000559 _____ C:\Users\USUARIO\OneDrive\Documentos\Config.gpp
2022-12-26 12:59 - 2022-12-26 12:59 - 000004420 _____ C:\Users\USUARIO\OneDrive\Documentos\njnjnjn.emf
2022-12-25 18:08 - 2022-10-07 13:39 - 000514544 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2022-12-25 18:08 - 2022-10-07 13:39 - 000455160 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2022-12-25 18:08 - 2022-10-07 13:34 - 001432352 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-12-25 18:08 - 2022-10-07 13:34 - 001432352 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-12-25 18:08 - 2022-10-07 13:34 - 001145632 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-12-25 18:08 - 2022-10-07 13:34 - 001145632 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-01-24 11:41 - 2020-06-25 11:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-24 11:04 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-24 10:21 - 2022-12-24 10:13 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\draw.io
2023-01-23 22:58 - 2020-06-20 18:46 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-23 21:58 - 2020-06-22 15:59 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\vlc
2023-01-23 17:08 - 2022-04-05 17:28 - 000000000 ____D C:\KVRT2020_Data
2023-01-23 16:58 - 2020-07-16 15:00 - 000000000 ____D C:\Users\USUARIO\AppData\Local\CrashDumps
2023-01-23 10:47 - 2021-02-20 14:40 - 000000000 ____D C:\Users\USUARIO\AppData\Local\ESET
2023-01-22 22:29 - 2019-12-07 04:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-01-22 12:13 - 2022-12-24 07:43 - 000000000 ____D C:\Program Files\draw.io
2023-01-21 15:02 - 2022-05-09 20:21 - 000000000 ____D C:\KPRM
2023-01-21 12:50 - 2020-06-25 11:30 - 000000000 ____D C:\Users\USUARIO
2023-01-21 11:51 - 2022-12-15 12:39 - 000001538 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2023-01-21 11:48 - 2022-01-18 16:46 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-21 11:48 - 2020-06-25 12:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-21 11:48 - 2020-06-01 07:47 - 000000000 ____D C:\Intel
2023-01-21 11:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-21 11:47 - 2019-12-07 04:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-01-21 11:45 - 2021-02-21 16:14 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-20 15:53 - 2021-02-15 11:09 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-20 15:49 - 2020-06-25 12:09 - 001773056 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-20 15:49 - 2019-12-07 09:55 - 000777334 _____ C:\WINDOWS\system32\perfh00A.dat
2023-01-20 15:49 - 2019-12-07 09:55 - 000152056 _____ C:\WINDOWS\system32\perfc00A.dat
2023-01-20 15:49 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-20 15:45 - 2021-02-14 19:53 - 000575560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-20 15:40 - 2020-07-13 15:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-20 15:40 - 2019-12-07 09:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-01-20 15:40 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-01-20 15:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-01-20 15:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-20 15:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-01-20 15:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-01-20 15:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-20 14:15 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-01-18 11:55 - 2022-05-30 14:12 - 000000000 ____D C:\Program Files\Adobe
2023-01-18 11:52 - 2022-05-30 14:11 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-01-18 11:49 - 2022-03-15 07:15 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2023-01-18 11:49 - 2022-03-15 07:15 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2023-01-18 11:24 - 2020-06-24 10:12 - 000007609 _____ C:\Users\USUARIO\AppData\Local\Resmon.ResmonCfg
2023-01-16 12:35 - 2022-11-05 12:25 - 000033786 _____ C:\WINDOWS\system32\energy-report.html
2023-01-13 16:02 - 2021-08-30 17:02 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2023-01-13 16:02 - 2021-08-30 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2023-01-13 16:02 - 2021-08-30 17:02 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2023-01-12 17:53 - 2022-10-16 20:15 - 000002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-01-10 17:55 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-10 17:15 - 2020-06-25 12:06 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-10 16:48 - 2020-06-24 21:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-10 16:32 - 2020-06-24 21:32 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-08 16:35 - 2022-11-22 22:26 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Anki2
2023-01-07 13:17 - 2019-12-08 22:00 - 000000000 ____D C:\ProgramData\Package Cache
2023-01-05 21:30 - 2020-06-21 13:14 - 000000000 ____D C:\Users\USUARIO\AppData\Local\ElevatedDiagnostics
2023-01-04 18:18 - 2020-11-23 16:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2023-01-04 18:02 - 2020-06-23 12:40 - 000000000 ____D C:\Program Files\Common Files\VST2
2023-01-04 11:33 - 2019-12-07 04:14 - 000000247 _____ C:\WINDOWS\system.ini
2023-01-04 11:33 - 2019-12-07 04:14 - 000000121 _____ C:\WINDOWS\win.ini
2023-01-03 22:13 - 2020-06-21 09:34 - 000000594 _____ C:\Users\USUARIO\OneDrive\Documentos\correo temporal.txt
2022-12-27 10:37 - 2019-12-07 08:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-25 18:11 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-25 18:08 - 2020-06-22 11:23 - 000000000 ____D C:\Program Files\Intel
2022-12-25 18:04 - 2020-06-01 07:47 - 000000000 ____D C:\ProgramData\Intel

==================== Archivos en la raíz de algunos directorios ========

2021-01-21 20:59 - 2021-03-18 17:10 - 000000820 _____ () C:\Users\USUARIO\AppData\Local\oobelibMkey.log
2020-06-24 10:12 - 2023-01-18 11:24 - 000007609 _____ () C:\Users\USUARIO\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================`Texto preformateado`

Hola buenas @mario006

En cuando pueda te responderé. Pues trae su tiempo analizar estos logs y actualmente tengo poco tiempo para ello.

A lo largo de esta semana te digo algo.

Salu2.

Bueno señor @Marr0n pierda cuidado.

No te entiendo @mario006

¿Qué quieres decir con esto?

Salu2.

Hola @Marr0n eso no es insulto o amenaza por si lo a tomado de esa manera. La frase quiere decir: no hay problema, no se preocupe, tranquilo. Se usa mucho en Colombia y cercanías.

Hola @Chicloi me puedes ayudar, quisiera terminar con este problema de una vez, gracias.

Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.