Pantalla negra con cursor en windows 10

mario006 · 6 Julio, 2023 01:48

Buenas noches, después de desinfectar la pc.

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2023 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/05/2023 12:10:46 PM in x64 mode.
Windows Version: Windows 10 Pro 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\USUARIO\AppData\Local\Temp\48F55F20-184BEE90-2D3AEBE0-F33D5830\DttTW3vS9E.exe.f8f546.f8fe20 (PID: 4240) [T-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 07/05/2023 12:34:56 PM
Execution time: 0 hours(s), 24 minute(s), and 10 seconds(s)

Program            : RogueKiller Anti-Malware
Version            : 15.11.0.0
x64                : Yes
Program Date       : Jun 22 2023
Location           : C:\USUARIO\Desktop\RogueKiller_portable64.exe
Premium            : No
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19045) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : ArturoParra
User is Admin      : Yes
Date               : 2023/07/05 20:52:30
Type               : Scan
Aborted            : No
Scan Mode          : Standard
Duration           : 1973
Found items        : 2
Total scanned      : 82236
Signatures Version : 20230704_071208
Truesight Driver   : Yes
Updates Count      : 1

************************* Warnings *************************

************************* Updates *************************
WinRAR 6.11 (64-bit) (64-bit), version 6.11.0
  [+] Available Version        : 6.22
  [+] Size                     : 8,16 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\WinRAR\


************************* Processes *************************

************************* Modules *************************
>>>>>> Explorer.EXE (7780) -- C:\Windows\explorer.exe
└── [Tr.Gen (Malicioso)] Womtrust.dll (7780) -- C:\WINDOWS\Womtrust.dll -> Encontrado

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************

************************* WMI *************************

************************* Hosts File *************************
is_too_big      : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts


************************* Filesystem *************************
[Tr.Gen (Malicioso)] (file) womtrust.dll -- C:\Windows\womtrust.dll -> Encontrado

************************* Web Browsers *************************

************************* Antirootkit *************************

Program            : RogueKiller Anti-Malware
Version            : 15.11.0.0
x64                : Yes
Program Date       : Jun 22 2023
Location           : C:\USUARIO\Desktop\RogueKiller_portable64.exe
Premium            : No
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19045) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : ArturoParra
User is Admin      : Yes
Date               : 2023/07/05 20:55:27
Type               : Removal
Aborted            : No
Scan Mode          : Standard
Duration           : 1973
Found items        : 2
Total scanned      : 82236
Signatures Version : 20230704_071208
Truesight Driver   : Yes
Updates Count      : 1

************************* Warnings *************************

************************* Removal *************************
[Tr.Gen (Malicioso)] Womtrust.dll -- %SystemRoot%\womtrust.dll -> Descargado
  [+] scan_what       : 2
  [+] vendors         : Tr.Gen
  [+] Name            : Womtrust.dll
  [+] value           : %SystemRoot%\womtrust.dll
  [+] Type            : DLL
  [+] file_hash       : C5BA737662FF8A5FE634B77B44B0BFA028AB7D756B9CC608026DA3D8B4CDB9BE
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 2
  [+] id              : 0
  [+] status          : 3
  [+] status_str      : Descargado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[Tr.Gen (Malicioso)] womtrust.dll -- %SystemRoot%\womtrust.dll -> Eliminado al reiniciar [5]
  [+] scan_what       : 1
  [+] vendors         : Tr.Gen
  [+] Name            : womtrust.dll
  [+] value           : %SystemRoot%\womtrust.dll
  [+] Type            : File/Folder
  [+] file_hash       : C5BA737662FF8A5FE634B77B44B0BFA028AB7D756B9CC608026DA3D8B4CDB9BE
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 2
  [+] id              : 1
  [+] status          : 5
  [+] status_str      : Eliminado al reiniciar [5]
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

Reinicié la pc y luego la apague. desde las 8:pm encendí la pc y solo me muestra la pantalla negra con el cursos, y no he podido reestablecerla.

Me ayudan por favor, gracias.

mario006 · 6 Julio, 2023 20:48

Buenas tardes volví a realizar otro revisada de virus y apareció esto. @Chicloi me puedes colaborar gracias.

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2023 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/06/2023 12:17:01 PM in x64 mode.
Windows Version: Windows 10 Pro 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Reparse Point/Junctions Found (These may be legitimate)!

     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.P047767ce#\a3f94d6b49bceef7b2e68af2186f019f\Microsoft.PowerShell.Core.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.P1706cafe#\55722b63a4d2cd3572c66010c9f7beb6\Microsoft.PowerShell.Commands.Diagnostics.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.P34f388c1#\965b188059d8a9db1a0ae2e10008e67e\Microsoft.PowerShell.Diagnostics.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.P6f9a5e83#\b03c6827fd95b7e03a8970370dd3a8b4\Microsoft.PowerShell.Security.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.P9de5a786#\db912affef84ccea2b96f279fa73ef7e\Microsoft.PowerShell.Management.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.S88747207#\8484b33fdc89636bea1139c7d9aca62f\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Sb6a1f1bc#\c76b49192207dee7f4a506862f3625cf\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.W0bb5dac4#\046b8dbd40156e420e433d9ea81ceac4\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.W193497eb#\b262d4896d23d6ec2158598dfab913f5\Microsoft.WSMan.Runtime.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.W3cdb5602#\b5edad93c5e911c9b41d348e7f25eda2\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.W69ef49d2#\3aed6f86be83b567925215409b02a695\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.W708fc392#\c331fa91822a3548fd7fe0610afb32c4\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.W79a81d80#\ba88673f5c1b56da045b260c6f76080a\Microsoft.Windows.Diagnosis.Commands.WriteDiagTelemetry.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Wad78daf4#\258b703e9634f5427897eebf7f33fd8d\Microsoft.Windows.Diagnosis.SDHost.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Wcffedcb4#\60e739f9716a504aa8ec3de22cb2162c\Microsoft.WindowsSearch.Commands.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Wd518ee0d#\76928893550b8f00cff81cee28959df5\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.We9f24001#\63f02ee1fed341def065215f0546f761\Microsoft.WSMan.Management.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Wed3937f9#\2eb29f02b3d397121e3fdf86467c90c3\Microsoft.Windows.Diagnosis.SDCommon.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\napinit\3a296341f1400d42c50ff8dc34d2c12b\napinit.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SecurityAudf6921413#\04cc6344cf9470f9c1e8267a52fd6493\SecurityAuditPoliciesSnapIn.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SrpUxSnapIn\9035841648c6d1cdbdf738635d38a86f\SrpUxSnapIn.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\TaskScheduler\328b39542d3b1c52ba8b0d369f51c48b\TaskScheduler.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Temp\2770-0\System.Management.Automation.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AuditPolicy42d3d2cc#\77fb961ae9598b786bc5b07dedc8715b\AuditPolicyGPManagedStubs.Interop.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\EventViewer\16cc4208a85b2b9dd6a7b06772c401e5\EventViewer.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.A26c32abb#\b238004672f5b22c4862675a10ea0a9d\Microsoft.ApplicationId.RuleWizard.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Abf69f55a#\617bfcc27fd4a4ef35cc3d775c659fc8\Microsoft.ApplicationId.Framework.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.C26a36d2b#\e32a971fc160995ee3eec5a82d91d0dc\Microsoft.CertificateServices.PKIClient.Cmdlets.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.C99be4d25#\8bc452cc237aadd0364ab2a7190d9ea2\Microsoft.ConfigCI.Commands.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\0f48b29b13d536faf18826ea74a5d2c6\Microsoft.CSharp.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\7be67b823fe069ba99a647033dd18831\Microsoft.CSharp.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.D0ff51f83#\833a4fcabdc4621a93dd4561461a504b\Microsoft.Dtc.PowerShell.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.G46fcc235#\a41afc0399a5b61d591aa49946754fc6\Microsoft.GroupPolicy.Interop.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.G91a07420#\ef33eba92b5e22ca7f5c084fc8b8e9df\Microsoft.GroupPolicy.Reporting.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Ga41585c2#\d80bafc4f7e4c608c0a91202d2ee9a89\Microsoft.GroupPolicy.AdmTmplEditor.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.I0cd65b90#\3951a3732f345206bcd54f0fc1662ea0\Microsoft.Isam.Esent.Interop.Wsa.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.I7676db1a#\0a95ee2ddb97a59c2792fdda59d71580\Microsoft.InternationalSettings.Commands.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Ic1a2041b#\9f609bd1155a463219395c8880d7c6c9\Microsoft.Isam.Esent.Interop.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Kd58820a5#\59367d086c542b3f1e38340c9d279d2d\Microsoft.KeyDistributionService.Cmdlets.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.M870d558a#\40efdaa4159efd21a771f60b9f8883bc\Microsoft.Management.Infrastructure.Native.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Mf5ac9168#\02231ffa0e9c561f802334294af245a1\Microsoft.Management.Infrastructure.CimCmdlets.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Mff1be75b#\5ee4d2e8301bf77c17b26013a4295b8b\Microsoft.ManagementConsole.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.P047767ce#\96bfc9b010d678b498b46c91195cd867\Microsoft.PowerShell.Core.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.P08ac43d5#\e627c0ec3b8bda4ccb2b393bba7757b8\Microsoft.PowerShell.Utility.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.P10d01611#\91367df68c6388e460e4de922186f7fe\Microsoft.PowerShell.Editor.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.P34f388c1#\7d8d38e90ed37f1cb29f1a579356819b\Microsoft.PowerShell.Diagnostics.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.P39041136#\89a577d714226711270bd137ec45051b\Microsoft.PowerShell.ScheduledJob.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.P655586bb#\8c4eb32566bbfe95a2123570b27e5e7b\Microsoft.PowerShell.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.P6f9a5e83#\dfa671c96ad6c560bd7cc140d3dde072\Microsoft.PowerShell.Security.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.P9de5a786#\6384f4104a61fed91b57dfdecd6757fa\Microsoft.PowerShell.Management.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Pad0e0718#\dae1c125ad5567c9c5a1b178ca0d3275\Microsoft.PowerShell.Cmdletization.OData.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Pd3efef62#\a77970f1884d8597e4da2dc3d2c795ae\Microsoft.PowerShell.ISECommon.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Pefb7a36b#\0429c06e9d5760ccc9d65e7557ea0d23\Microsoft.PowerShell.Workflow.ServiceCore.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.S0f8e494c#\7c8bbe2131fb69d0ab61a504dbeab7f9\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.S1bc92e04#\0b6c1fc09d5cd439b4f293494324841a\Microsoft.SecureBoot.Commands.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.S356e1ba0#\3cbd600714d6b059b71de1dad53ddfe2\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.S54faafb0#\55ca54f866493689a1961901fca0b7a5\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.S88747207#\a15adc8707e7a6ff513798b65c42bf1a\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Sa56e3556#\9b40b434ff0b4f1116dcb080b91aa69a\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Sb6a1f1bc#\4097979ddc7fc37bc51f8e69d8fde7b7\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.T9d753d8c#\77b61133337932efa602a85258434442\Microsoft.Tpm.Commands.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W193497eb#\4aec314f17af06118f992abebb2fcbeb\Microsoft.WSMan.Runtime.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W2d29a719#\10a50686ddb1d11ff25f575b4a103384\Microsoft.Windows.DSC.CoreConfProviders.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W2ded559f#\a19a1888ed28315347b7b8117938fba2\Microsoft.WindowsAuthenticationProtocols.Commands.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W3cdb5602#\dc385ac35c870be07846932ad9d66921\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wcffedcb4#\8bad2b484a8622fa0bd1a52b94395262\Microsoft.WindowsSearch.Commands.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wd75d181a#\f8f24299de9ad899cae6c7910f1afdc5\Microsoft.Windows.Diagnosis.SDEngine.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.We9f24001#\5bf200fd98b065f8c77ad7be2a27fe4e\Microsoft.WSMan.Management.Activities.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MIGUIControls\d25637cb344fa7b46f25d60c4ee89e85\MIGUIControls.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MMCEx\9c9e34acaa8336d9e3b94821a18ba654\MMCEx.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MMCFxCommon\26dd4fc139d0c8b3876997683c654a14\MMCFxCommon.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\napcrypt\003acf4a4ee959b2e1e4b765bc697286\napcrypt.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\napinit\ab4822b750ca782449c8583a91632e7b\napinit.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\netstandard\07b9299ed96f8b30b81ca2f91effa743\netstandard.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\netstandard\1a354a5d09f879dad4e852bb995787a4\netstandard.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\netstandard\899767ce867fdb37071a753cbbbbb28a\netstandard.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\netstandard\979e2fd0af1501c16eb1a4453d247af3\netstandard.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SecurityAudf6921413#\3fa7fe2d3334a73d94316409aa3dcb34\SecurityAuditPoliciesSnapIn.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SrpUxSnapIn\685b5d31cf392834a3c7cfbce2e63083\SrpUxSnapIn.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\2bdf9b7335f4ef812c36f47f81814fc1\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\3eb5d0201635034865d3e567b9565ead\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\8fb44d265785ba5708ca3d815aa35710\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\c7b9e93ec25e2b71ca31fc965ad741fd\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\cc5711289f164819219c86f58c6cd60a\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\d9fa08efbd5bf32f8168525c4c24d3cb\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\dfc6b46d7b7288b18f4023767074c910\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\e0fc057268d7d2648ea1a71167a5e2e5\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Web.28b9ef5a#\f05edc67630d1eceb25cc440b105b16f\System.Web.Extensions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\TaskScheduler\793265760c8229d33ace37ef813e3498\TaskScheduler.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Temp\2680-0\EventViewer.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\099be4bf0e2f4b90389a74f3f26bae1a\Windows.ApplicationModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\0a7f687e1fe288b864a6aabb44582371\Windows.ApplicationModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\28aa195ccdb094b6c5946c7d63d01c98\Windows.ApplicationModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\306b9d1a3003913eb8608203bbab9ec6\Windows.ApplicationModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\4155fdd00b952491f59e84f699379ba5\Windows.ApplicationModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\66f257d586ae10457003fd7626657a76\Windows.ApplicationModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\6acda18b44db61ab0caa183d650913e7\Windows.ApplicationModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\c1dbc7852380482d639ed90de6585cf0\Windows.ApplicationModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\e6723b1f5d6c422815eed4a4941d8483\Windows.ApplicationModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\fdf48db65ef9f379b96c2e87f0ca00a6\Windows.ApplicationModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\0712b81e533c6de03cd5058646b9228b\Windows.Storage.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\1053980fbc4d134dfde41585c05fb2dd\Windows.Storage.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\1e040d6f4d615b1a65dac7a72a7c9cf4\Windows.Storage.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\218540819eaa1161c96565b3796ad8c2\Windows.Storage.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\389a661ae55065e4c1876d6cf81bd5df\Windows.Storage.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\6f9ae94772060a2e698bd0b3af207b52\Windows.Storage.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\1d337134b9b42e53bc017ae60ae0b59d\Windows.System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\5f5eca705f1eb36d2363512a07647dde\Windows.System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\64a0c1c720b5cbe0cb41c3ab7a141faa\Windows.System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\a5e7804114afd5e1d3a5e6ec3ee63666\Windows.System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\ea01dd8ad38a42d2c7b1d213bc7c8a5c\Windows.System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\f681d3d15e627a66ed696550bc9076bd\Windows.System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\330e0bd7c71aa5772aa7aefb0177fc1d\Windows.UI.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\37f2822484db595e2492486cbbba998a\Windows.UI.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\c88157fd8676162fcb8c9ea62a2b422f\Windows.UI.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\1CF0959XYF\System.Windows.Forms.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\2QOT9LWW1V\System.Net.Http.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\2Y7EWSDJAJ\System.Runtime.Serialization.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\3NBHSNMCMA\System.ServiceProcess.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\5BRE9SJFBJ\System.Runtime.Serialization.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\5X8YI113HZ\System.Management.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\653ZOFUGW7\System.Configuration.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\6ALR5DE3H5\System.Transactions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\6DPDJZHZUA\System.ServiceModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\6YFZIJW2KR\System.Data.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\79CK2TTLNF\System.Runtime.Serialization.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\7JDXH2P57Y\System.ServiceProcess.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\8W4RNGFMX8\System.Management.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\BAOIU2BTGB\System.Runtime.Serialization.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\C5KHXYBXEG\System.Net.Http.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\CN0M2LCVNU\System.Xml.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\CPUINLH8T7\System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\D37S4MXOHM\System.Configuration.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\E3TTUZAYF7\System.Xaml.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\ERPEBU5OLT\System.Numerics.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\F9KT6M9N1B\System.ServiceModel.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\FS68LLZIN4\System.Net.Http.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\FXEN6RTL4B\System.ServiceProcess.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\GGL3MEPVRT\System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\GOK6SB8K0U\System.Data.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\HCY3O7RP2Q\System.Xml.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\I54II2WEFO\System.Core.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\IAVVRN3849\System.Runtime.Serialization.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\JGMTNPZBTF\System.Core.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\K7QB8EGHBW\System.Configuration.Install.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\L9P5P7UPN0\System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\NOOZRS6FOE\System.Xml.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\NTPR3RW5HK\System.Configuration.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\RFXQ0BDCWT\System.Runtime.Serialization.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\RQXP5QOA0C\System.Net.Http.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\S9RVM9XX05\System.Management.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\UUOG0DJGLI\System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\UXQ1PFWYXZ\System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\UYD6TZFUW9\System.Transactions.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\VBDMGMHPME\System.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\VF9YXD9C8J\System.Core.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\VLGVJN8P6U\System.Configuration.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\VNJYDXMPMO\System.Xml.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\WMKCK9L40Q\System.Xaml.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\WT2GYL8VG0\System.Drawing.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\XAZPRA4TF7\System.Management.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\XT99KUBPJ3\System.Xml.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\YAGI3HFGUG\System.Xml.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\YAUMTMKJS8\System.Core.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\temp\ZMAHVOVS19\System.Drawing.ni.dll => <Unknown Target> [File]

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 07/06/2023 12:41:14 PM
Execution time: 0 hours(s), 24 minute(s), and 13 seconds(s)

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 6/7/23
Hora del análisis: 12:44
Archivo de registro: c13e9f76-1c24-11ee-af51-00ff0368f798.json

-Información del software-
Versión: 4.5.32.271
Versión de los componentes: 1.0.2051
Versión del paquete de actualización: 1.0.72001
Licencia: Caducado

-Información del sistema-
SO: Windows 10 (Build 19045.3155)
CPU: x64
Sistema de archivos: NTFS
Usuario: Arturo-Parra\ArturoParra

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 487371
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 2 hr, 37 min, 32 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Centra · 8 Julio, 2023 08:00

hola yo te puedo ayudar con el tema ese del administrador de tareas y lo que tenes que hacer es reiniciar el archivo explorer.exe y es facil tenes que apretar ahi donde dise archivo y escribir asi explorer.exe y le das abrir y ahi por lo menos ya podras buscar al navegador o si tenes suerte se te abre todo normalmente tengo windows 11 yo pero es igual

con el tema del virus ahi ya no se pero por lo menos te quiero aportar esto saludos

hola te cree las imagenes detalladas pero no me deja subirtelas por que no me deja insertar multimedia perdona soy nuevo

Marr0n · 19 Julio, 2023 19:44

Hola buenas @mario006

¿Sigues necesitando ayuda acerca del problema qué comentaste inicialmente en este tema?

Si es así, dímelo y atenderé tu caso.

Salu2.

mario006 · 21 Julio, 2023 15:31

Hola @Marr0n ya que lo mencionas, al parecer lo de la pantalla negra con el cursor se puede decir que se solucionó; pero al dar clic derecho a iconos del escritorio la pantalla parpadea y creo que tengo virus.

bloggif_64baa45143f3a

mario006 · 21 Julio, 2023 15:31

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 18-07-2023
Ejecutado por ArturoParra (21-07-2023 10:18:48)
Ejecutado desde C:\USUARIO\Desktop
Microsoft Windows 10 Pro Versión 22H2 19045.3208 (X64) (2020-06-25 17:20:57)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-1475189372-905897940-3643049737-500 - Administrator - Disabled)
ArturoParra (S-1-5-21-1475189372-905897940-3643049737-1001 - Administrator - Enabled) => C:\Users\USUARIO
DefaultAccount (S-1-5-21-1475189372-905897940-3643049737-503 - Limited - Disabled)
Invitado (S-1-5-21-1475189372-905897940-3643049737-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1475189372-905897940-3643049737-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Security Cloud (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
FW: Kaspersky Security Cloud (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Anki (HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\Anki) (Version: 2.1.65 - )
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 115.1.56.9 - Los creadores de Brave)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Documentation Manager (HKLM\...\{80145DEA-C9EB-4371-912B-1CBA18E35DDA}) (Version: 22.200.0.6 - Intel Corporation) Hidden
draw.io 21.6.1 (HKLM\...\27a75bf3-be48-5c35-934f-8491cf108abe) (Version: 21.6.1 - JGraph)
Glary Utilities PRO 5.208 (HKLM-x32\...\Glary Utilities 5) (Version: 5.208.0.237 - Glarysoft Ltd)
Intel Driver && Support Assistant (HKLM-x32\...\{0F7F6F7B-684E-435A-9FCE-C8A1F71EDA14}) (Version: 23.3.25.6 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{0703311b-31d5-4c17-9668-c48dee4b7749}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{34663e82-6c5e-4b48-b1b1-fee1881dc39b}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{7e58df71-ff1c-43fd-a618-5511b76c0dd9}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{b67002e1-a877-4be9-af96-6f8867bc5b12}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{f2a88096-3fb7-490f-b289-ad70b99a8f5e}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1950.14.0.1443 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{2FA1D256-7068-489B-9917-11A4C39D2AC5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{84784ACA-42D1-48CD-89FD-E7D8E39AE432}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{75BBE775-9A38-4D06-A47F-0518EA4C9AB7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{0940A8E6-DBBC-4554-B07D-EBFB10627716}) (Version: 30.100.2020.7 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2020.7 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.58.48.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.58.48.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2391a86e-5ab5-40d2-a274-1867cd576686}) (Version: 1.58.48.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000200-0220-1034-84C8-B8D95FA3C8C3}) (Version: 22.200.0.2 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{0ddcdf18-17cd-44ad-af4e-ba6821421c30}) (Version: 23.3.25.6 - Intel)
Intel® Software Installer (HKLM-x32\...\{6d1acbfa-4ef7-4d9a-affa-d0362291ab65}) (Version: 22.200.0.6 - Intel Corporation) Hidden
Java 8 Update 361 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180361F0}) (Version: 8.0.3610.9 - Oracle Corporation)
Kaspersky (HKLM-x32\...\{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky)
K-Lite Codec Pack 17.6.6 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.6.6 - KLCP)
Microsoft .NET Core Host - 3.1.28 (x64) (HKLM\...\{26ECE92F-518E-40AF-9108-7B7B444A46DE}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.28 (x64) (HKLM\...\{CDEA72F4-1367-4E0A-AC5F-0EBAF7C6825A}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM\...\{3691148D-EF42-4812-8956-AE11FC413B8D}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM-x32\...\{231e3b76-4d0f-4e60-9d69-f11c9c448630}) (Version: 3.1.28.31513 - Microsoft Corporation)
Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.10 (x86) (HKLM-x32\...\{3B28977C-9163-48A5-A08C-C01327E18AE2}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x86) (HKLM-x32\...\{EBD44C5E-F1AF-4955-AEDF-F15D06384A9C}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x86) (HKLM-x32\...\{98CA5A6B-4ECC-4E6D-BF18-6B20CBB6E5F4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft Office LTSC Professional Plus 2021 - es-es (HKLM\...\ProPlus2021Volume - es-es) (Version: 16.0.15028.20160 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{E1F8AD73-09C5-434A-A2C4-15EC6B98CF21}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{C022DCCA-DEA7-458A-97D1-F5BD4AAEE4A0}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{ba8ab6bd-ad21-447e-b617-feee84353247}) (Version: 5.0.10.30418 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{0F3E4057-E2BB-4114-A646-F143DB5CE4C9}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{9dd24b73-88e0-4f0f-882a-500e00d2bdef}) (Version: 6.0.10.31726 - Microsoft Corporation)
Nearby Share (HKLM\...\{DA6F3C20-298A-43EE-AA8D-6BABFC0458B0}) (Version: 1.0.993.0 - Google LLC)
NVIDIA Controlador de gráficos 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15028.20050 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15028.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.15028.20094 - Microsoft Corporation) Hidden
PDF-XChange PRO (HKLM\...\{B416D8DD-5E33-470D-AA7E-33A575D7C050}) (Version: 10.0.1.371 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange PRO (HKLM-x32\...\{ab034a58-cb22-4342-99a0-39f4f3107393}) (Version: 10.0.1.371 - Tracker Software Products (Canada) Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Stardock Start10 (HKLM\...\Start10_is1) (Version: 1.7 - Stardock Software Inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
YACReader v9.13.0.2307095 (HKLM\...\YACReader_is1) (Version: 9.13.0.2307095 - )

Packages:
=========
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt [2023-07-06] (INTEL CORP) [Startup Task]
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-07-06] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-07-06] (Microsoft Corporation)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.30201.210.0_x64__rz1tebttyb220 [2023-07-20] (Dolby Laboratories)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_17.9.1008.0_x64__8j3eq9eme6ctt [2023-07-06] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-07-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-07-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2023-07-06] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2023-07-06] (Microsoft Corporation) [MS Ad]
Nearby Share -> C:\Program Files\Google\NearbyShare [2023-07-20] (Google LLC)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2023-07-20] (NVIDIA Corp.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-04-30] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2023-03-26] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [PDFTools Context menu] -> {e0e0016c-6025-4337-948f-0b655a18552b} => C:\Program Files\Tracker Software\PDF Tools\PDFXToolsShellMenu.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2023-03-26] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-04-30] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b169173487045715\nvshext.dll [2021-06-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2023-03-26] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\25989438.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\79264569.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMInstallerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\25989438.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\79264569.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMInstallerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> Ningún archivo
BHO: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
BHO-x32: Sin Nombre -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> Ningún archivo
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\jp2ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM-x32 - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\sharepoint.com -> hxxps://esapedu-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2023-04-28 14:09 - 2023-04-28 14:09 - 000000836 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files (x86)\dotnet\
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\SOFTWARE\Microsoft\Windows Security Health\State => (AppAndBrowser_StoreAppsSmartScreenOff: 0)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: brave => 2
MSCONFIG\Services: bravem => 3
MSCONFIG\Services: BraveVpnService => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 2
MSCONFIG\Services: DolbyDAXAPI => 2
MSCONFIG\Services: DSAService => 2
MSCONFIG\Services: DSAUpdateService => 3
MSCONFIG\Services: esifsvc => 2
MSCONFIG\Services: FMAPOService => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: GUBootService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: GUPMService => 3
MSCONFIG\Services: iaStorAfsService => 3
MSCONFIG\Services: igccservice => 2
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: IntelAudioService => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: KSDE4.0 => 2
MSCONFIG\Services: KSDE5.13 => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: RstMwService => 2
MSCONFIG\Services: RtkAudioUniversalService => 2
MSCONFIG\Services: Start10 => 2
MSCONFIG\Services: SynTPEnhService => 3
MSCONFIG\Services: WMIRegistrationService => 2
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_657D13B79E546278A54182F01334410B"
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{1D996501-8E9D-4A2F-BDD2-450E5B1A51E4}C:\program files\bravesoftware\brave-browser\application\brave.exe] => (Block) C:\program files\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [UDP Query User{800D6F95-0EBD-4C22-A051-696FF01CBAE7}C:\program files\bravesoftware\brave-browser\application\brave.exe] => (Block) C:\program files\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{13492E78-8D3A-4133-A97E-5D3D4150BD4D}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [TCP Query User{4F8858FA-EFFD-42F4-98A1-06B29AECF3B2}C:\usuario\downloads\compressed\sdio_1.12.14.755\sdio_r755.exe] => (Allow) C:\usuario\downloads\compressed\sdio_1.12.14.755\sdio_r755.exe => Ningún archivo
FirewallRules: [UDP Query User{F979F021-D4DF-401A-94DD-82F609FACFED}C:\usuario\downloads\compressed\sdio_1.12.14.755\sdio_r755.exe] => (Allow) C:\usuario\downloads\compressed\sdio_1.12.14.755\sdio_r755.exe => Ningún archivo
FirewallRules: [TCP Query User{6AEBEE97-A898-434C-8429-E6895AF1EECF}C:\usuario\downloads\compressed\sdio_1.12.14.755\sdio_x64_r755.exe] => (Allow) C:\usuario\downloads\compressed\sdio_1.12.14.755\sdio_x64_r755.exe => Ningún archivo
FirewallRules: [UDP Query User{049AAC98-BBBD-4E43-8868-63623A1D93F3}C:\usuario\downloads\compressed\sdio_1.12.14.755\sdio_x64_r755.exe] => (Allow) C:\usuario\downloads\compressed\sdio_1.12.14.755\sdio_x64_r755.exe => Ningún archivo
FirewallRules: [{41D4B8B0-43FB-43C6-9666-66611E7F1395}] => (Allow) C:\Program Files\Google\NearbyShare\nearby_share.exe (Google LLC -> Google)
FirewallRules: [{37159DA8-3459-4CF4-982A-3B425025A4FE}] => (Allow) C:\Program Files\Google\NearbyShare\nearby_share.exe (Google LLC -> Google)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (07/21/2023 10:10:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: explorer.exe, versión: 10.0.19041.3155, marca de tiempo: 0x5772a955
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000000000
Identificador del proceso con errores: 0x2078
Hora de inicio de la aplicación con errores: 0x01d9bbe5714e8c04
Ruta de acceso de la aplicación con errores: C:\WINDOWS\explorer.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: e6e64a71-e189-4179-8a2a-2f5bcc1edba3
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/21/2023 10:05:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: explorer.exe, versión: 10.0.19041.3155, marca de tiempo: 0x5772a955
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000000000
Identificador del proceso con errores: 0x1ec0
Hora de inicio de la aplicación con errores: 0x01d9bbe48baa41be
Ruta de acceso de la aplicación con errores: C:\WINDOWS\explorer.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 989d6f0a-e63b-4dd1-9a66-d701f71a2c74
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/21/2023 10:03:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: explorer.exe, versión: 10.0.19041.3155, marca de tiempo: 0x5772a955
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000000000
Identificador del proceso con errores: 0x25c8
Hora de inicio de la aplicación con errores: 0x01d9bbe46ad067c4
Ruta de acceso de la aplicación con errores: C:\WINDOWS\explorer.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 35a367a1-e92e-404b-8176-c913f8520b3d
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/21/2023 10:02:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: explorer.exe, versión: 10.0.19041.3155, marca de tiempo: 0x5772a955
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000000000
Identificador del proceso con errores: 0x164c
Hora de inicio de la aplicación con errores: 0x01d9bbe442c1d0d3
Ruta de acceso de la aplicación con errores: C:\WINDOWS\explorer.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 0b9e43d2-b092-4000-9f5e-2e60b4b1bda7
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/21/2023 10:01:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: explorer.exe, versión: 10.0.19041.3155, marca de tiempo: 0x5772a955
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000000000
Identificador del proceso con errores: 0x1550
Hora de inicio de la aplicación con errores: 0x01d9bbe35194035f
Ruta de acceso de la aplicación con errores: C:\WINDOWS\explorer.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: b031c8bc-5df5-49e0-875b-3d22684033f4
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/21/2023 09:54:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 10.0.19041.3155, marca de tiempo: 0x5772a955
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000000000
Identificador del proceso con errores: 0x620
Hora de inicio de la aplicación con errores: 0x01d9bbe1e2d40401
Ruta de acceso de la aplicación con errores: C:\WINDOWS\Explorer.EXE
Ruta de acceso del módulo con errores: unknown
Identificador del informe: f99ab6c6-bb9b-469b-a1c3-9e1c6fd226d9
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/20/2023 06:39:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SDIO_x64_R755.exe, versión: 1.12.14.755, marca de tiempo: 0x64b7633d
Nombre del módulo con errores: SDIO_x64_R755.exe, versión: 1.12.14.755, marca de tiempo: 0x64b7633d
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000001c85e
Identificador del proceso con errores: 0x700
Hora de inicio de la aplicación con errores: 0x01d9bb5deb728e70
Ruta de acceso de la aplicación con errores: C:\USUARIO\Downloads\Compressed\SDIO_1.12.14.755\SDIO_x64_R755.exe
Ruta de acceso del módulo con errores: C:\USUARIO\Downloads\Compressed\SDIO_1.12.14.755\SDIO_x64_R755.exe
Identificador del informe: 75cb1e30-5557-4a64-97b0-6d7fe5bb2781
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/20/2023 04:55:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa drivermax.exe (versión 15.14.0.14) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 1128

Hora de Inicio: 01d9bb54bef1a39e

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe

Id. de informe: 980ffe95-6ed6-4b30-a7d2-f69e86c3b91c

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Top level window is idle


Errores del sistema:
=============
Error: (07/21/2023 10:10:17 AM) (Source: DCOM) (EventID: 10001) (User: ARTURO-PARRA)
Description: No se puede iniciar un servidor DCOM: {AD54D7CA-052D-4730-B0F2-2BA34D3438DC} como No disponible/No disponible. Error 
"2147942403"
al iniciar este comando:
"C:\WINDOWS\system32\DllHost.exe" /Processid:{AD54D7CA-052D-4730-B0F2-2BA34D3438DC}

Error: (07/21/2023 10:10:15 AM) (Source: DCOM) (EventID: 10001) (User: ARTURO-PARRA)
Description: No se puede iniciar un servidor DCOM: {AD54D7CA-052D-4730-B0F2-2BA34D3438DC} como No disponible/No disponible. Error 
"2147942403"
al iniciar este comando:
"C:\WINDOWS\system32\DllHost.exe" /Processid:{AD54D7CA-052D-4730-B0F2-2BA34D3438DC}

Error: (07/21/2023 10:10:15 AM) (Source: DCOM) (EventID: 10001) (User: ARTURO-PARRA)
Description: No se puede iniciar un servidor DCOM: {AD54D7CA-052D-4730-B0F2-2BA34D3438DC} como No disponible/No disponible. Error 
"2147942403"
al iniciar este comando:
"C:\WINDOWS\system32\DllHost.exe" /Processid:{AD54D7CA-052D-4730-B0F2-2BA34D3438DC}

Error: (07/21/2023 10:06:21 AM) (Source: DCOM) (EventID: 10001) (User: ARTURO-PARRA)
Description: No se puede iniciar un servidor DCOM: {AD54D7CA-052D-4730-B0F2-2BA34D3438DC} como No disponible/No disponible. Error 
"2147942403"
al iniciar este comando:
"C:\WINDOWS\system32\DllHost.exe" /Processid:{AD54D7CA-052D-4730-B0F2-2BA34D3438DC}

Error: (07/21/2023 10:05:49 AM) (Source: DCOM) (EventID: 10001) (User: ARTURO-PARRA)
Description: No se puede iniciar un servidor DCOM: {AD54D7CA-052D-4730-B0F2-2BA34D3438DC} como No disponible/No disponible. Error 
"2147942403"
al iniciar este comando:
"C:\WINDOWS\system32\DllHost.exe" /Processid:{AD54D7CA-052D-4730-B0F2-2BA34D3438DC}

Error: (07/21/2023 10:05:49 AM) (Source: DCOM) (EventID: 10001) (User: ARTURO-PARRA)
Description: No se puede iniciar un servidor DCOM: {AD54D7CA-052D-4730-B0F2-2BA34D3438DC} como No disponible/No disponible. Error 
"2147942403"
al iniciar este comando:
"C:\WINDOWS\system32\DllHost.exe" /Processid:{AD54D7CA-052D-4730-B0F2-2BA34D3438DC}

Error: (07/21/2023 10:05:49 AM) (Source: DCOM) (EventID: 10001) (User: ARTURO-PARRA)
Description: No se puede iniciar un servidor DCOM: {AD54D7CA-052D-4730-B0F2-2BA34D3438DC} como No disponible/No disponible. Error 
"2147942403"
al iniciar este comando:
"C:\WINDOWS\system32\DllHost.exe" /Processid:{AD54D7CA-052D-4730-B0F2-2BA34D3438DC}

Error: (07/21/2023 10:05:49 AM) (Source: DCOM) (EventID: 10001) (User: ARTURO-PARRA)
Description: No se puede iniciar un servidor DCOM: {AD54D7CA-052D-4730-B0F2-2BA34D3438DC} como No disponible/No disponible. Error 
"2147942403"
al iniciar este comando:
"C:\WINDOWS\system32\DllHost.exe" /Processid:{AD54D7CA-052D-4730-B0F2-2BA34D3438DC}


Windows Defender:
================
Date: 2023-07-04 20:58:22
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {C7861759-A27A-429C-AB50-4D68B76D5381}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-07-04 12:49:28
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {33855B17-3FED-4E6F-955A-0D8538EA9FEF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-07-04 11:25:41
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {A1BDEFA8-64FA-4681-9014-3803F93BCA52}
Tipo de examen: Antimalware
Parámetros de examen: Examen completo
Usuario: ARTURO-PARRA\ArturoParra

Date: 2023-06-14 15:18:31
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {A70AC08A-0B1B-4C74-9071-11F9B05A6A2E}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-06-13 15:12:11
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {4B56C585-B633-449F-AF87-A9DC27E5F6A9}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-06-09 16:04:42
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.385.169.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.20100.6
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2023-06-09 16:04:42
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.385.169.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.20100.6
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2023-06-09 16:04:42
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.385.169.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.20100.6
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2023-06-09 16:04:42
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.385.169.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.20100.6
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

Date: 2023-06-09 16:04:42
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.385.169.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.20100.6
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

CodeIntegrity:
===============
Date: 2023-07-20 22:07:13
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\com_antivirus.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: LENOVO ASCN51WW 05/14/2021
Placa base: LENOVO LNVNB161216
Procesador: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Porcentaje de memoria en uso: 45%
RAM física total: 8072.24 MB
RAM física disponible: 4378.37 MB
Virtual total: 9352.24 MB
Virtual disponible: 4820.83 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:121.18 GB) (Free:32.79 GB) (Model: WDC WD10SPZX-24Z10) NTFS
Drive d: () (Fixed) (Total:809.44 GB) (Free:760.7 GB) (Model: WDC WD10SPZX-24Z10) NTFS

\\?\Volume{a4b7e769-d565-440a-9612-4b7e1b490f63}\ () (Fixed) (Total:0.77 GB) (Free:0.08 GB) NTFS
\\?\Volume{d3283a6c-63f3-40a4-b14d-3705c18f7b97}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

mario006 · 21 Julio, 2023 15:32

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 18-07-2023
Ejecutado por ArturoParra (administrador) sobre ARTURO-PARRA (LENOVO 81MU) (21-07-2023 10:14:45)
Ejecutado desde C:\USUARIO\Desktop\FRST64.exe
Perfiles cargados: ArturoParra
Plataforma: Microsoft Windows 10 Pro Versión 22H2 19045.3208 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Brave
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.139\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.139\BraveCrashHandler64.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avpui.exe
(EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(Glarysoft Ltd -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_e75a3d1c39bebe3f\DAX3API.exe <2>
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DisplaySwitch.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Nearby Share] => C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe [1355544 2023-06-24] (Google LLC -> Google)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [3283992 2023-07-19] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-1475189372-905897940-3643049737-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Print\Monitors\PDF-XChange Standard Port Monitor: C:\WINDOWS\system32\pxcpm.dll [983688 2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> "C:\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\115.1.56.9\Installer\chrmstp.exe [2023-07-19] (Brave Software, Inc. -> Brave Software, Inc.)
BootExecute: autocheck autochk *  
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {769A0D54-C64A-44D2-872A-8771F7F1A0CC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe  -mode=scheduled (Ningún archivo)
Task: {59598B8B-A2BB-4B2E-8503-C8363D4FCD50} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{603269AD-5960-4DB8-B286-41EDEB27CABE} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2022-10-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {542F562C-8572-48A1-BB67-FEDAF5216594} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{75755994-8C1B-423C-BEE7-85482A950B5B} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2022-10-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BDABBFB1-EA2F-40B7-AEDA-3B35A05571CF} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5308592 2023-07-02] (Microsoft Windows -> Microsoft Corporation)
Task: {DD434DBE-C815-4458-A4F2-F686D9EA9D43} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\USUARIO\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe  LOGON (Ningún archivo)
Task: {0BB2CC84-540A-48B6-A3D1-B86D26EAB4B0} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\USUARIO\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe  SCHED (Ningún archivo)
Task: {37641224-4EC0-4BDA-BDBC-133A2E38DBF6} - System32\Tasks\GlaryOneClickOptimizer 5 => C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe [244120 2023-07-14] (Glarysoft Ltd -> Glarysoft Ltd)
Task: {3B315497-D3B2-47F8-87F6-D2B8B4859F43} - System32\Tasks\Google\Nearby Share => C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe [1355544 2023-06-24] (Google LLC -> Google)
Task: {6142F38C-CB6E-4D8E-A040-63DB3924B56C} - System32\Tasks\Google\Nearby Share Purge CrashDumps => C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe [492032 2023-04-27] (Microsoft Windows -> Microsoft Corporation) -> -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -windowstyle Hidden -Command (Get-ChildItem -Path "C:\WINDOWS\system32\config\systemprofile\AppData\Local\Google\Nearby\Sharing\CrashDumps\reports" | Where-Object {($_.LastWriteTime -lt (Get-Date).AddDays(-30))} | Remove-Item)
Task: {AB785592-583D-4104-BAB5-EF0653ADAFF8} - System32\Tasks\Google\Nearby Share Purge Logs => C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe [492032 2023-04-27] (Microsoft Windows -> Microsoft Corporation) -> -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -windowstyle Hidden -Command (Get-ChildItem -Path "C:\WINDOWS\system32\config\systemprofile\AppData\Local\Google\Nearby\Sharing\Logs" | Where-Object {($_.LastWriteTime -lt (Get-Date).AddDays(-30))} | Remove-Item)
Task: {906E9AE2-4127-44F0-A1CC-D1430A136D42} - System32\Tasks\Google\Nearby Share Relaunch => C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe [1355544 2023-06-24] (Google LLC -> Google)
Task: {6F180949-3E20-43B0-9F4C-E6D8E8EF988F} - System32\Tasks\GoogleUpdateTaskMachineCore{61DB55E4-1F1F-4822-8876-E5338D1D5219} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-06-11] (Google LLC -> Google LLC)
Task: {0002A176-800C-474F-A42D-8F55110691CD} - System32\Tasks\GoogleUpdateTaskMachineUA{98ED26A5-DE09-4A1A-811F-3FCFAB9F563C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-06-11] (Google LLC -> Google LLC)
Task: {0997F244-33FD-4AFC-92FD-448F5235F02C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-12-14] () [Archivo no firmado]
Task: {21F4AA4A-A044-4328-8E40-7EE3064B87F9} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1475189372-905897940-3643049737-1001 => "C:\Users\USUARIO\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe"  (Ningún archivo)
Task: {26B558AF-6CAE-4047-9700-6E6D600590A1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAC8A661-1FDE-4A95-AF2F-97D4673525F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {21198DF3-7F3A-4A61-ADCD-7217DE3381CB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138680 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {427803A3-252F-465F-8C86-97ECF88A34EC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138680 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {51C3B664-D63E-4A5F-96D4-CBB595DE82F3} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AF053A0-4ED6-4FF3-B3F5-714EC56E0F69} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8338896 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {698A3446-E4F0-48B8-BC86-1C91ADE5053B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8338896 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C6490D7-10FD-4761-96DD-F6EC17F94927} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe  /c (Ningún archivo)
Task: {52E45396-CFB1-413C-B008-1B8DA5184C29} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe  /ua /installsource scheduler (Ningún archivo)
Task: {42060297-FA15-4369-BCD3-B94FB2F05714} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {13D9E5E7-C2C5-44B9-A35A-2AC27DF9B6E9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0517CE26-1BBE-4DD0-9F73-D0195A815B33} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1CB4E6B-730F-4476-A48C-D2D682FD39D1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {76694EBF-0344-49D0-AC99-17EFFBC6D0B2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0CB98714-08C5-4507-92A6-4DB182F6A5B7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {09DDCC2A-FBA9-422A-A4D2-F575E703017A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4CFA5F76-07B0-4132-9BFB-9A7D326E747C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1CCA928-7383-4F17-9EF5-960B955991BC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C87D4407-0B19-4C18-A6D8-3675E06898D4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {429E033B-1B81-46D4-8A6D-C7FCC355D6CD} - System32\Tasks\Remove AdwCleaner Application => C:\Windows\system32\CMD.EXE [289792 2021-01-14] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "C:\USUARIO\Desktop\AdwCleaner.exe"
Task: {A13C52D8-A233-47BB-81DF-2560AAF1033B} - System32\Tasks\TVT\TVSUUpdateTask => "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"  /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (Ningún archivo)
Task: {C9897783-007C-4577-B41C-B2BD65D4C8AA} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"  PendingTask (Ningún archivo)
Task: {0CEAB669-B7E4-42AD-9B4D-F40B440884DC} - System32\Tasks\Uninstall AdwCleaner Application => C:\USUARIO\Desktop\AdwCleaner.exe  /uninstall (Ningún archivo)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => Ningún archivo 
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{12bcacf5-d72b-40e9-95cf-ed275e5c3760}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{12bcacf5-d72b-40e9-95cf-ed275e5c3760}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{af2ecd92-96f2-43a5-9e2c-04459cd99b93}: [DhcpNameServer] 1.1.1.1 1.0.0.1

Edge: 
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\USUARIO\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-07-20]
Edge Extension: (Kaspersky Protection) - C:\Users\USUARIO\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-07-03]
Edge Extension: (Edge relevant text changes) - C:\Users\USUARIO\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-03]
Edge HKLM\...\Edge\Extension: [djmbpijobamaimdblhkpclfnpkiogeoo]
Edge HKU\S-1-5-21-1475189372-905897940-3643049737-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [djmbpijobamaimdblhkpclfnpkiogeoo]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1475189372-905897940-3643049737-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1475189372-905897940-3643049737-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1475189372-905897940-3643049737-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-06-28] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [blgipgnbmnikbdecnjmgckmndlkebhid]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [blgipgnbmnikbdecnjmgckmndlkebhid]

Brave: 
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-07-21]
BRA Extension: (PDF-XChange) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\blgipgnbmnikbdecnjmgckmndlkebhid [2023-07-08]
BRA Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-21]
BRA Extension: (Highlighter) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fdfcjfoifbjplmificlkdfneafllkgmn [2023-06-26]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-07-20]
BRA Profile: C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Guest Profile [2023-07-20]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-07-20]
BRA Extension: (Brave NTP background images) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-06-08]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-07-21]
BRA Extension: (Wallet Data Files Updater) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-07-17]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-07-21]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-12-02]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2023-05-16]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish (plaintext))) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\fejmaeodjeekfldnbegjagemjgnmhfof [2023-07-21]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-06-25]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-07-21]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-05-09]
BRA Extension: (Brave Ad Block Updater (Easylist-Cookie List - Filter Obtrusive Cookie Notices)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfgnenkkneohplacnfabidofpgcdpofm [2022-12-02]
BRA Extension: (Brave Ad Block Updater (Adguard Spanish/Portuguese (plaintext))) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\meimhmgfbckapkbbbdaoefgnbppmkodp [2023-07-21]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-07-20]
BRA Extension: (Brave NTP sponsored images) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\ogdjnhmejccgjdnclbeghpffmecndeai [2023-07-21]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-07-18]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish)) - C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\pdecoifadfkklajdlmndjpkhabpklldh [2022-12-02]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AVP21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2022-10-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2022-10-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\115.1.56.9\brave_vpn_helper.exe [3178008 2023-07-19] (Brave Software, Inc. -> Brave Software, Inc.)
R3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-03-29] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_e75a3d1c39bebe3f\DAX3API.exe [2363432 2023-05-18] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S4 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43272 2023-07-03] (Intel Corporation -> Intel)
S4 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [212744 2023-07-03] (Intel Corporation -> Intel)
S4 FMAPOService; C:\WINDOWS\System32\FMService64.exe [381808 2020-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S4 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [886528 2023-01-14] (Glarysoft LTD -> Glarysoft Ltd)
S4 GUPMService; C:\Program Files (x86)\Glary Utilities 5\GUPMService.exe [76688 2023-07-14] (Glarysoft Ltd -> Glarysoft Ltd)
S3 klvssbridge64_21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\vssbridge64.exe [501008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 KSDE5.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402216 2023-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Start10; C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe [220440 2019-04-19] (Stardock Corporation -> Stardock Software, Inc)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
S4 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b169173487045715\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b169173487045715\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112336 2019-10-02] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
S3 clwvd7; C:\WINDOWS\System32\drivers\clwvd7.sys [42968 2015-03-24] (CyberLink Corp. -> CyberLink Corporation)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [240264 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [23568 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
S3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R1 klbackupdisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klbackupdisk.sys [112936 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klbackupflt.sys [234216 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kldisk.sys [125736 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [53576 2023-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 KLFLT.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klflt.sys [548072 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klgse.sys [729136 2023-07-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLHK.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klhk.sys [1822784 2023-07-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids.Kaspersky4Win-21-13; C:\ProgramData\Kaspersky Lab\AVP21.13\Bases\klids.sys [235704 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klif.sys [1163544 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98552 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klkbdflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klkbdflt.sys [115960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klmouflt.sys [113448 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klpd.sys [80672 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klpnpflt.sys [98040 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [86776 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_Kaspersky4Win-21-13_arkmon; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_arkmon.sys [368416 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_Kaspersky4Win-21-13_klark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klark.sys [350848 2023-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_Kaspersky4Win-21-13_klbg; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klbg.sys [179864 2023-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_Kaspersky4Win-21-13_mark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_mark.sys [259440 2023-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwfp.sys [179960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwtp.sys [415480 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kneps.sys [340208 2023-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [34880 2018-05-09] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2020-07-06] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2021-05-13] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2023-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [498944 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-07-21 10:10 - 2023-07-21 10:15 - 000000000 ____D C:\FRST
2023-07-20 18:56 - 2023-05-16 08:07 - 008895760 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys
2023-07-20 18:56 - 2023-05-16 08:07 - 001474832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2023-07-20 18:26 - 2021-08-09 12:27 - 001133336 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcOED.sys
2023-07-20 18:01 - 2023-03-08 06:17 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2023-07-20 17:48 - 2023-07-20 17:48 - 000000000 ____D C:\ProgramData\Dolby
2023-07-20 17:48 - 2023-05-17 18:13 - 006472072 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2023-07-20 17:48 - 2022-09-29 19:40 - 000426112 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnhService.exe
2023-07-20 16:54 - 2023-07-20 16:58 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Innovative Solutions
2023-07-20 16:54 - 2023-07-20 16:54 - 000000000 ____D C:\Users\USUARIO\My Drivers
2023-07-20 16:54 - 2023-07-20 16:54 - 000000000 ____D C:\My Drivers
2023-07-20 14:54 - 2023-07-20 14:54 - 000000759 _____ C:\DelFix.txt
2023-07-20 12:01 - 2023-07-20 12:01 - 000000000 ____D C:\Users\USUARIO\AppData\Local\ZHP
2023-07-14 20:26 - 2023-07-14 20:41 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\stemroller
2023-07-12 15:15 - 2023-07-12 15:15 - 000000000 ___HD C:\$WinREAgent
2023-07-11 18:26 - 2023-07-11 18:45 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\BVUElementary
2023-07-11 12:13 - 2023-07-11 12:16 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\LibgenDesktop
2023-07-08 19:18 - 2023-07-08 19:22 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Tracker Software
2023-07-08 19:18 - 2023-07-08 19:18 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Tracker Software
2023-07-08 19:17 - 2023-07-08 19:17 - 000001271 _____ C:\Users\Public\Desktop\PDF-XChange Office2PDF.lnk
2023-07-08 19:17 - 2023-07-08 19:17 - 000001125 _____ C:\Users\Public\Desktop\PDF-XChange Editor.lnk
2023-07-08 19:17 - 2023-07-08 19:17 - 000001105 _____ C:\Users\Public\Desktop\PDF Tools.lnk
2023-07-08 19:17 - 2023-07-08 19:17 - 000000000 ____D C:\ProgramData\Tracker Software
2023-07-08 19:17 - 2023-07-08 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software
2023-07-08 19:17 - 2023-07-08 19:17 - 000000000 ____D C:\ProgramData\FileOpen
2023-07-08 19:17 - 2023-07-08 19:17 - 000000000 ____D C:\Program Files\Tracker Software
2023-07-08 19:17 - 2023-06-28 17:13 - 000983688 _____ (Tracker Software Products (Canada) Ltd.) C:\WINDOWS\system32\pxcpm.dll
2023-07-07 15:37 - 2023-07-07 15:37 - 000003662 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-07-07 13:47 - 2023-07-07 13:47 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-ARTURO-PARRA-Windows-10-Pro-(64-bit).dat
2023-07-06 11:46 - 2023-07-06 11:46 - 000001538 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2023-07-05 15:18 - 2023-07-06 05:35 - 000000000 ____D C:\ProgramData\RogueKiller
2023-07-04 08:40 - 2023-07-07 15:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-07-04 08:40 - 2023-07-04 08:40 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3241273E.sys
2023-07-03 19:19 - 2023-07-03 19:19 - 000003294 _____ C:\WINDOWS\system32\Tasks\Remove AdwCleaner Application
2023-07-03 19:19 - 2023-07-03 19:19 - 000003276 _____ C:\WINDOWS\system32\Tasks\Uninstall AdwCleaner Application
2023-06-27 11:42 - 2023-07-19 10:08 - 000000000 ____D C:\Users\USUARIO\OneDrive\Documentos\Carro_Monica
2023-06-26 14:36 - 2023-06-26 14:36 - 000000568 _____ C:\Users\USUARIO\OneDrive\Documentos\Singing Success 360.txt
2023-06-21 13:58 - 2023-06-21 13:58 - 000003868 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-06-21 13:58 - 2023-06-21 13:58 - 000003426 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-07-21 10:11 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-21 10:10 - 2020-07-16 15:00 - 000000000 ____D C:\Users\USUARIO\AppData\Local\CrashDumps
2023-07-21 10:07 - 2022-03-15 07:15 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2023-07-21 10:07 - 2020-09-13 09:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2023-07-21 10:07 - 2020-09-13 09:57 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\NCH Software
2023-07-21 10:07 - 2020-06-25 11:30 - 000000000 ____D C:\Users\USUARIO
2023-07-21 10:06 - 2020-06-22 15:59 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\vlc
2023-07-21 09:46 - 2022-10-04 19:23 - 000000000 ____D C:\Program Files (x86)\Google
2023-07-21 09:46 - 2021-12-18 22:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-07-20 22:43 - 2023-06-11 11:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Google
2023-07-20 22:42 - 2022-10-04 19:24 - 000000000 ____D C:\Program Files\Google
2023-07-20 22:02 - 2022-01-18 16:46 - 000008192 ___SH C:\DumpStack.log.tmp
2023-07-20 22:02 - 2020-06-25 12:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-07-20 22:02 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-07-20 22:01 - 2019-12-07 04:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-07-20 21:55 - 2020-06-25 11:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-20 20:57 - 2021-02-21 16:14 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-20 18:58 - 2020-06-25 12:09 - 001773056 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-20 18:58 - 2019-12-07 09:55 - 000777334 _____ C:\WINDOWS\system32\perfh00A.dat
2023-07-20 18:58 - 2019-12-07 09:55 - 000152056 _____ C:\WINDOWS\system32\perfc00A.dat
2023-07-20 18:58 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2023-07-20 17:50 - 2021-02-15 11:09 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-20 17:50 - 2019-12-07 08:15 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Packages
2023-07-20 17:50 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-20 17:48 - 2020-06-25 11:24 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2023-07-20 16:55 - 2019-12-07 08:22 - 000000000 ____D C:\Users\USUARIO\AppData\Local\D3DSCache
2023-07-20 16:23 - 2023-01-04 11:33 - 000000000 ____D C:\Temp
2023-07-20 12:28 - 2022-03-15 07:15 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2023-07-20 12:18 - 2020-07-06 11:15 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\ZHP
2023-07-19 19:44 - 2022-10-16 20:15 - 000002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-07-19 17:04 - 2023-06-13 18:54 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Anki2
2023-07-18 18:13 - 2020-06-01 07:14 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Word
2023-07-17 14:18 - 2022-12-24 10:13 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\draw.io
2023-07-13 09:45 - 2020-06-20 17:23 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Excel
2023-07-12 16:33 - 2021-02-14 19:53 - 000584320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-12 16:29 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-12 16:29 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-12 16:29 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-12 16:29 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-12 16:29 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-12 14:43 - 2020-06-24 21:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-12 14:22 - 2020-06-24 21:32 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-11 17:16 - 2022-12-24 07:43 - 000000000 ____D C:\Program Files\draw.io
2023-07-11 12:15 - 2023-03-30 15:06 - 000000000 ____D C:\Users\USUARIO\OneDrive\Documentos\UPDF
2023-07-10 22:38 - 2023-04-26 11:18 - 000000000 ____D C:\Users\USUARIO\AppData\Local\YACReader
2023-07-10 22:32 - 2019-12-08 22:00 - 000000000 ____D C:\ProgramData\Package Cache
2023-07-10 22:31 - 2023-04-26 11:16 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YACReader
2023-07-10 22:31 - 2023-04-26 11:16 - 000000000 ____D C:\Program Files\YACReader
2023-07-10 13:26 - 2020-06-21 13:14 - 000000000 ____D C:\Users\USUARIO\AppData\Local\ElevatedDiagnostics
2023-07-09 15:46 - 2022-04-05 17:28 - 000000000 ____D C:\KVRT2020_Data
2023-07-08 18:47 - 2019-12-07 04:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-07-07 15:42 - 2020-06-20 18:46 - 000000000 ____D C:\ProgramData\NVIDIA
2023-07-07 15:42 - 2020-06-01 07:47 - 000000000 ____D C:\Intel
2023-07-07 15:18 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-07-06 05:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-07-06 05:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\registration
2023-07-06 05:20 - 2021-09-29 11:08 - 000000000 ___HD C:\$SysReset
2023-07-05 10:45 - 2023-06-12 22:14 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\audacity
2023-07-04 10:01 - 2020-07-16 10:37 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2023-07-03 22:13 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-03 18:41 - 2023-06-09 15:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\Kaspersky4Win-21-13
2023-07-02 12:33 - 2020-07-13 15:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-02 12:33 - 2019-12-07 09:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-02 10:55 - 2020-06-25 12:06 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-21 14:16 - 2022-05-09 20:21 - 000000000 ____D C:\KPRM
2023-06-21 14:07 - 2021-08-30 17:02 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2023-06-21 14:07 - 2021-08-30 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2023-06-21 14:07 - 2021-08-30 17:02 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2023-06-21 08:58 - 2021-02-20 14:40 - 000000000 ____D C:\Users\USUARIO\AppData\Local\ESET

==================== Archivos en la raíz de algunos directorios ========

2021-01-21 20:59 - 2021-03-18 17:10 - 000000820 _____ () C:\Users\USUARIO\AppData\Local\oobelibMkey.log
2020-06-24 10:12 - 2023-01-18 11:24 - 000007609 _____ () C:\Users\USUARIO\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Marr0n · 21 Julio, 2023 21:58

Hola buenas @mario006

OK.

Antes de seguir con el FRST vamos a por esto:

EN BUSCA / ELIMINACIÓN DE MALWARE

Por favor, descarga todo el software de los enlaces que pongo/de sus respectivos manuales.

Ahora ejecutarás una serie de herramientas respetando el orden los pasos con todos los programas cerrados incluidos los navegadores.

Inicia de nuevo el equipo desde el Modo Seguro – con funciones de Red, de Windows. Si no funcionasen los métodos que se explican en el anterior post, prueba estos otros. Más concretamente, primero el 3 (Seleccionando Red en lugar de Mínimo) y si no el 2 (también Red).

Una vez iniciado en este modo, empiezas haciendo todos los pasos que te pondré a continuación.

P.D.: Si el quipo no te arrancase en Modo seguro (cosa que puede pasar), me lo dices e intentaremos arreglar el sistema para que arranque en Modo Seguro. Pues hay malwares que ya se encargaran de que no puedas iniciar en Modo Seguro.

Descarga y ejecuta RKill, más concretamente debes de descargar la que está renombrada bajo el nombre de iExplore.exe. Para evitar el bloqueo de posibles malwares que pueda haber en tu equipo. Una vez que esta haya sido ejecutada, es muy importante no reiniciar el sistema hasta que te lo solicite yo o alguno de los programas de desinfección de los que estemos utilizando.

Me explico, por ejemplo: has iniciado la máquina en Modo Seguro con funciones de Red, has ejecutado Rkill y seguidamente realizas un Análisis con Malwarebytes. Este te detecta infecciones y te pide reiniciar la máquina para poder finalizar exitosamente su desinfección. Seguidamente, yo te he indicado que ejecutes por ejemplo el ESET Online Scanner, pues bien como no hemos acabado de desinfectar la máquina y estamos realizando el proceso de desinfección, y has tenido que reiniciar, ya que te lo ha pedido Malwarebytes pues debes de ejecutar nuevamente Rkill y después acto seguido el ESET ONline.

¿Me entiendes?

Si por ejemplo, incluso con Rkill, Malwarebytes AntiMalware o la herramienta que sea que te he pedido que utilices, ves que se bloquea y que al cabo de un buen rato no responde. Pues pasas a la siguiente y me informas de ello. Y así con todas. ¿OK? ¿Se entiende?

Realizas lo siguiente:

Manual Malwarebytes Anti-Rootkit Beta sigues las instrucciones de su manual y me traes sus correspondientes Informes de análisis: Mbar-log.txt y System-log.txt tal como se indica en su manual.
Descarga, instala y ejecuta TDSKiller de acuerdo a su Manual TDSKiller. Marca todas las casillas (Loaded Modules, Verify file digital signatures y Detect TDLFS file system). Sí te pide reiniciar lo haces, ejecutas de nuevo la herramienta y al marcar nuevamente las casillas que te he dicho, ya te dejara analizar.
Descarga, instala, actualiza y ejecuta Malwarebytes’ Anti-Malware. Aquí te dejo su manual: Manual de Malwarebytes, para que sepas como usarlo y configurarlo correctamente.
- Realizas un Análisis Personalizado, marcando Todas las casillas de la Derecha y de la Izquierda, actualizando si te lo pide. Es decir: conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas, incluida la que me has dicho anteriormente y marcas todas las unidades de disco disponibles y las siguientes casillas:
1. Analizar objetos en memoria

2. Analizar configuracion de inicio y registro

3. Analizar dentro de los archivos
- Pulsar en “Eliminar Seleccionados” para enviar las infecciones a la cuarentena y Reinicias el ordenador.
- Para acceder posteriormente al informe del análisis te diriges a: Informes >> Registro de análisis >> pulsas en Exportar >> Copiar al Portapapeles y pones el informe en tu próxima respuesta.

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

No realices pasos/acciones que NOSOTROS no te hayamos indicado.

No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.

No instales NADA (programas/software/complementos/extensiones del navegador…).

No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).

No realices por tu cuenta otros procedimientos.

Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

EN TU PRÓXIMA RESPUESTA

Respondes a las preguntas que te haya realizado.
Traes los reportes de Malwarebytes Anti-Rootkit, TDSKiller y Malwarebytes.
Comentas el estado en general del ordenador respecto al problema inicial planteado.

Salu2.

mario006 · 22 Julio, 2023 17:24

Hola @Marr0n tuve problemas con el Anti-Rootkit no me permitió actualizar.

Creo que el virus o algo por el estilo persiste, cuando abro el navegador Brave me muestra una ventana para volver a instalar. En la pagina de forospyware me aparece publicidad, eso anteriormente no aparecía.

mario006 · 22 Julio, 2023 17:25

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 22/7/23
Hora del análisis: 9:46
Archivo de registro: 840eb3f8-289e-11ee-936a-00ff0368f798.json

-Información del software-
Versión: 4.5.33.272
Versión de los componentes: 1.0.2069
Versión del paquete de actualización: 1.0.72799
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 19045.3208)
CPU: x64
Sistema de archivos: NTFS
Usuario: Arturo-Parra\ArturoParra

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 485014
Amenazas detectadas: 1
Amenazas en cuarentena: 1
Tiempo transcurrido: 2 hr, 6 min, 14 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
PUP.Optional.DriverMax, C:\USUARIO\DOWNLOADS\PROGRAMS\DRIVERMAX.EXE, En cuarentena, 9732, 812463, 1.0.72799, , ame, , 08FD7FF1D23F56581D9D57669A6A9E8B, 804B5689C7781C11DFA8FA13340BA739261378F5A49B1B163C46AAD87E828058

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

mario006 · 22 Julio, 2023 17:33

tdsskiller.txt (164,9 KB)

mario006 · 22 Julio, 2023 17:39

Sobre el problema inicial: Ya no aparece la pantalla negra con el mouse. Lo que sucede es que al dar clic derecho a cualquier icono del escritorio la pantalla parpadea, la carpeta del explorador de la barra de tareas al dar clic para abrir se pone negra la pantalla y parpadea.

En modo seguro eso no pasa.

mario006 · 24 Julio, 2023 22:50

Buenas tardes @Marr0n envió examen realizado con dr. web

drweb

mario006 · 24 Julio, 2023 22:57

Estaba tratando de subir un informe pero se bloque la pagina.

mario006 · 24 Julio, 2023 22:57

Program            : RogueKiller Anti-Malware
Version            : 15.11.0.0
x64                : Yes
Program Date       : Jun 22 2023
Location           : C:\USUARIO\Desktop\RogueKiller_portable64.exe
Premium            : No
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19045) 64-bit
64-bit OS          : Yes
Startup            : 2
WindowsPE          : No
User               : ArturoParra
User is Admin      : Yes
Date               : 2023/07/24 22:06:33
Type               : Removal
Aborted            : No
Scan Mode          : Standard
Duration           : 1501
Found items        : 2
Total scanned      : 84655
Signatures Version : 20230704_071208
Truesight Driver   : No
Updates Count      : 0
truesight_error    : 1

************************* Warnings *************************

************************* Removal *************************
[PUP.InnovativeSolutions (Potencialmente Malicioso)] HKEY_USERS\S-1-5-21-1475189372-905897940-3643049737-1001\Software\Innovative Solutions --  -> Borrado
  [+] scan_what       : 2
  [+] vendors         : PUP.InnovativeSolutions
  [+] Name            : HKEY_USERS\S-1-5-21-1475189372-905897940-3643049737-1001\Software\Innovative Solutions
  [+] Type            : Registry
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 0
  [+] status          : 3
  [+] status_str      : Borrado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

[PUP.InnovativeSolutions (Potencialmente Malicioso)] Innovative Solutions -- %localappdata%\Innovative Solutions -> Borrado
  [+] scan_what       : 1
  [+] vendors         : PUP.InnovativeSolutions
  [+] Name            : Innovative Solutions
  [+] value           : %localappdata%\Innovative Solutions
  [+] Type            : File/Folder
  [+] file_vtscore    : 0
  [+] file_vttotal    : 0
  [+] is_malicious    : Yes
  [+] detection_level : 3
  [+] id              : 1
  [+] status          : 3
  [+] status_str      : Borrado
  [+] removed         : Yes
  [+] status_choice   : 2
  [+] malpe_score     : 0

mario006 · 24 Julio, 2023 23:09

Respecto al navegador Brave, cada vez que quiero ingresar aparece esto. Antes no era así.

mario006 · 26 Julio, 2023 03:58

Buenas noches @Marr0n

~ ZHPCleaner v2023.7.23.35 by Nicolas Coolman (2023/07/23)
~ Run by ArturoParra (Administrator)  (25/07/2023 22:46:53)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : 
~ Type : Reparar
~ Report : C:\USUARIO\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\USUARIO\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Windows 10 Pro, 64-bit  (Build 19045)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (21)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (2)
MOVIDO carpeta: C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\History    =>.SUP.BrowserHistoric
MOVIDO archivo: C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-BrowserUser Data\Default\Cache\Cache_Data  =>.SUP.BrowserCache


---\\  Registro ( Claves, Valores, Datos) (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Resumen de elementos en su estación de trabajo (2)
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/  =>.SUP.BrowserHistoric
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/  =>.SUP.BrowserCache


---\\ Limpieza adicional. (14)
~ Clave de registro Tracing borrados (14)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Brave OK
~ Microsoft Internet Explorer OK


---\\ STATISTIQUES
~ Items escaneado : 1093
~ Items encontrado : 0
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 10/18


---\\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto
~ Iniciar navegadores con extensiones eliminadas





~ End of clean in 00h00mn16s

---\\  Reporte (4)

system · 16 Agosto, 2023 17:28

Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.