Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 13.03.2024
Ejecutado por victo (administrador) sobre HP-14-NOTEBOOK (Hewlett-Packard HP 14 Notebook PC) (14-03-2024 07:57:07)
Ejecutado desde C:\Users\victo\Desktop\FRST64.exe
Perfiles cargados: victo
Plataforma: Microsoft Windows 10 Home Single Language Versión 22H2 19045.4170 (X64) Idioma: Español (México)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
(C:\Program Files\HP\HP Enabling Services\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe <2>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATISOE.EXE
(explorer.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start11\S11Search64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> ) C:\ProgramData\Wondershare\wsServices\ElevationService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> wondershare) C:\ProgramData\Wondershare\wsServices\WsidService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files (x86)\McAfee Security Scan\4.1.491\McUpdaterModule.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files (x86)\McAfee Security Scan\4.1.491\SSScheduler.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [735544 2015-08-07] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2015-07-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-07-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-22] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-26] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\Run: [MicrosoftEdgeAutoLaunch_2C19A6AEC137D1B73B2831EF0BA82386] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4060608 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306416 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [350032 2022-07-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\victo\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2023-10-19] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISOE.EXE [418736 2019-08-21] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45285792 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2860472463-3070343665-445750963-1004\...\Run: [MicrosoftEdgeAutoLaunch_9FCE621C16A65C4A68B145F7BE1E31A7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060608 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2860472463-3070343665-445750963-1004\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306416 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON L4150 Series 64MonitorBE: C:\Windows\system32\E_YLMBSOE.DLL [184832 2017-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Archivo no firmado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.113\Installer\chrmstp.exe [2024-03-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2024-02-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\4.1.491\SSScheduler.exe (McAfee, LLC -> McAfee, LLC)
==================== Tareas programadas (Lista blanca) =================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {5BE14E56-5321-4993-8BCA-52C15C9CCAC9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-21] (Adobe Inc. -> Adobe Inc.)
Task: {03207214-15D0-47E8-9818-4EFA697C2D9E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-victorleonart3005@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {735D8148-765D-4D99-99D9-F39B0B1B0AA2} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2023-12-05] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {2155C164-B9D4-4FCE-86FB-F204DAA29078} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {399E5BEA-52C5-4DF7-9192-3330D7A0A717} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "f15663ff-efad-4ffa-b005-6ab78aa07d15" --version "6.22.10977" --silent
Task: {27CB0C86-90A7-411C-9890-E66A19B2D77E} - System32\Tasks\CCleanerSkipUAC - victo => C:\Program Files\CCleaner\CCleaner.exe [39024544 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4FAD28BB-2EE2-48AB-9D86-C44DD08A26FA} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\victo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15144824 2024-03-13] (ESET, spol. s r.o. -> ESET)
Task: {F4637BE2-6FC4-4149-8562-5CB0C5C48954} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\victo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15144824 2024-03-13] (ESET, spol. s r.o. -> ESET)
Task: {3A77D5EE-3CFB-42C1-87D9-34FF7434A7FA} - System32\Tasks\EPSON L4150 Series Update {4739C479-AE44-4FD2-8C15-989AD12495BE} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSOE.EXE [680440 2017-06-06] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {733C20DD-C8D3-46AF-8F46-E79CACB5FA14} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [374560 2024-03-13] (Google LLC -> Google LLC)
Task: {EC42090F-3935-4F65-86E7-7EB447BC3E83} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6342.2{BADEC5A2-779E-4A6B-A8B3-51C1F470AF1E} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
Task: {6821A614-5E37-41CC-9AD2-98C481DAECE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2024-02-01] (HP Inc. -> HP Inc.)
Task: {6B9C92F2-7F03-43DB-A379-54B2AFE30B50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-02-01] (HP Inc. -> HP Inc.)
Task: {7FC5AD99-22D3-45B6-A7E6-0A8664A135A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2024-02-01] (HP Inc. -> HP Inc.)
Task: {2A46C5B1-4248-4C5A-A6FC-664D9F38F2CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2024-02-01] (HP Inc. -> HP Inc.)
Task: {5739193C-1CBD-4A9C-B91D-1B9078E2571A} - System32\Tasks\McUpdaterModuleTask => C:\Program Files (x86)\McAfee Security Scan\4.1.491\McUpdaterModule.exe [2469952 2024-02-16] (McAfee, LLC -> McAfee, LLC)
Task: {F62F1052-14A6-4012-946E-A49FFBDEC7AD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F937DDB9-5B4C-4BB5-90A7-12E20BAF487C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D1126E5-E5CA-49F9-BD87-B10EAA5ABFA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8660B330-D8BA-405D-9867-344979D8B9A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4189247D-37B6-4B01-B5DC-CD0070290719} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D13A3086-1367-480E-9B4C-7DEFA83F4F22} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E2CBCE0-B152-48EC-995C-7AD5EEAE3ECD} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2335600 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {47A3D774-6F6B-4F1F-8067-80F9992B8026} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32632 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {7C4EBB36-6F1D-4C73-891B-18D58A67D05C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C7DCCBA-163D-464A-9068-16967742C30A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0E18682-1422-4CD9-B5F4-E8965653F58B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7044BFF8-058B-49C0-950A-7110B1E38F38} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2860472463-3070343665-445750963-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF140074-43AC-435A-9A2B-F185722974D2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2860472463-3070343665-445750963-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA382F04-9F72-4D47-A085-C69D7A5EF40B} - System32\Tasks\SecurityScannerScheduler => C:\Program Files (x86)\McAfee Security Scan\4.1.491\SSScheduler.exe [1234104 2024-02-16] (McAfee, LLC -> McAfee, LLC)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\EPSON L4150 Series Update {4739C479-AE44-4FD2-8C15-989AD12495BE}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSOE.EXE:/EXE:{4739C479-AE44-4FD2-8C15-989AD12495BE} /F:UpdateWORKGROUP\HP-14-NOTEBOOK$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{16fc0d20-1ab3-436c-8382-415ad4b95425}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{16fc0d20-1ab3-436c-8382-415ad4b95425}: [DhcpDomain] domain_not_set.invalid
Tcpip\..\Interfaces\{16fc0d20-1ab3-436c-8382-415ad4b95425}\74F42544F4E435: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\victo\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-13]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\victo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-12]
Edge Extension: (Edge relevant text changes) - C:\Users\victo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\victo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-03-13]
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\victo\AppData\Local\Google\Chrome\User Data\Default [2024-03-14]
CHR Extension: (Numero temporal) - C:\Users\victo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ephafbplmnnoliangkcghhopgcincnec [2024-02-21]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\victo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-23]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\victo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-13]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\victo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-12]
CHR Profile: C:\Users\victo\AppData\Local\Google\Chrome\User Data\System Profile [2023-11-28]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-21] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2015-07-20] (Andrea Electronics -> Andrea Electronics Corporation)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104824 2015-08-07] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1081248 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 DFWSIDService; C:\ProgramData\Wondershare\wsServices\WsidService.exe [3963120 2024-01-30] (Wondershare Technology Group Co.,Ltd -> wondershare)
R2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [934648 2023-08-11] (Wondershare Technology Group Co.,Ltd -> )
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncHelper.exe [3516832 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
S2 GoogleUpdaterInternalService124.0.6342.2; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6342.2; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [891328 2024-02-01] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [889896 2024-02-01] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [886824 2024-02-01] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [890408 2024-02-01] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9423680 2024-03-12] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-12] (Malwarebytes Inc. -> Malwarebytes)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\4.1.491\McCHSvc.exe [330160 2024-02-16] (McAfee, LLC -> McAfee, LLC)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.040.0225.0003\OneDriveUpdaterService.exe [3856400 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2023-12-21] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933432 2023-12-21] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 Start11; C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe [271600 2024-01-28] (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [802752 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [497392 2024-01-30] (Wondershare Technology Group Co.,Ltd -> Wondershare)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 applencm; C:\Windows\System32\drivers\applencm.sys [70288 2023-12-27] (Microsoft Windows Hardware Compatibility Publisher -> AppleNCM)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [310672 2023-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2023-12-21] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [52832 2023-12-27] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [200104 2024-03-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-03-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-03-13] (Malwarebytes Inc. -> Malwarebytes)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2023-12-21] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [251776 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [262648 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1060600 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20928 2024-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [603416 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2024-02-25] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (Hewlett-Packard Company -> HP Inc.)
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2024-03-14 07:57 - 2024-03-14 07:58 - 000030670 _____ C:\Users\victo\Desktop\FRST.txt
2024-03-14 07:56 - 2024-03-14 07:57 - 000000000 ____D C:\FRST
2024-03-14 07:54 - 2024-03-14 07:55 - 002390528 _____ (Farbar) C:\Users\victo\Desktop\FRST64.exe
2024-03-14 07:53 - 2024-03-14 07:54 - 002390528 _____ (Farbar) C:\Users\victo\Downloads\FRST64.exe
2024-03-13 20:36 - 2024-03-13 20:36 - 000001556 _____ C:\Users\victo\Downloads\Informe de análisis Malwarebytes.txt
2024-03-13 17:05 - 2024-03-13 17:05 - 000003856 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2024-03-13 17:05 - 2024-03-13 17:05 - 000003414 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2024-03-13 13:48 - 2024-03-13 17:57 - 000001378 _____ C:\Users\victo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-03-13 13:48 - 2024-03-13 17:57 - 000001272 _____ C:\Users\victo\Desktop\ESET Online Scanner.lnk
2024-03-13 13:48 - 2024-03-13 13:48 - 000000000 ____D C:\Users\victo\AppData\Local\ESET
2024-03-13 13:45 - 2024-03-13 13:45 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-03-13 13:43 - 2024-03-13 13:43 - 000000000 ____D C:\ProgramData\Piriform
2024-03-13 13:43 - 2024-03-13 13:43 - 000000000 ____D C:\ProgramData\Norton
2024-03-13 06:36 - 2024-03-13 18:01 - 000000000 ____D C:\Users\victo\AppData\Roaming\ZHP
2024-03-13 06:36 - 2024-03-13 06:36 - 000000875 _____ C:\Users\victo\Desktop\ZHPCleaner.lnk
2024-03-13 06:36 - 2024-03-13 06:36 - 000000000 ____D C:\Users\victo\AppData\Local\ZHP
2024-03-12 21:44 - 2024-03-12 21:44 - 000069250 _____ C:\Users\victo\Documents\cc_20240312_214438.reg
2024-03-12 21:30 - 2024-03-12 21:38 - 000000000 ____D C:\AdwCleaner
2024-03-12 21:00 - 2024-03-14 07:55 - 000000000 ____D C:\Users\victo\AppData\Local\Malwarebytes
2024-03-12 21:00 - 2024-03-12 21:00 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-03-12 20:58 - 2024-03-12 20:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-12 20:58 - 2024-03-12 20:58 - 000000000 ____D C:\Program Files\Malwarebytes
2024-03-12 20:57 - 2024-03-12 20:57 - 000143362 _____ C:\Users\victo\Documents\cc_20240312_205743.reg
2024-03-12 20:48 - 2024-03-14 07:45 - 000000000 ____D C:\Program Files\CCleaner
2024-03-12 20:48 - 2024-03-13 13:45 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-03-12 20:48 - 2024-03-13 13:42 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-03-12 20:48 - 2024-03-13 13:42 - 000003380 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-03-12 20:48 - 2024-03-12 20:48 - 000002902 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - victo
2024-03-12 20:48 - 2024-03-12 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2024-03-12 19:00 - 2024-03-12 19:00 - 000000306 _____ C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
2024-03-12 14:14 - 2024-03-12 14:14 - 000000000 ___HD C:\$WinREAgent
2024-03-11 17:36 - 2024-03-11 17:36 - 000000000 ___HD C:\OneDriveTemp
2024-03-11 17:16 - 2024-03-11 17:16 - 000000000 ____D C:\Users\victo\AppData\LocalLow\YandereDev
2024-02-29 21:27 - 2024-02-29 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2024-02-29 21:27 - 2024-02-29 21:27 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2024-02-29 14:07 - 2024-02-29 14:07 - 000019530 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-29 14:06 - 2024-02-29 14:06 - 000019530 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-02-27 16:01 - 2024-02-27 16:01 - 000000000 ____D C:\Users\victo\AppData\Local\ElevatedDiagnostics
2024-02-27 13:35 - 2024-02-27 13:35 - 000077713 _____ C:\Users\victo\Downloads\Comprobante_SP2400172340.pdf
2024-02-27 13:35 - 2024-02-27 13:35 - 000077713 _____ C:\Users\victo\Downloads\Comprobante_SP2400172340 (1).pdf
2024-02-26 22:06 - 2024-02-26 22:06 - 000993986 _____ C:\Users\victo\Downloads\Dialnet-ElCaducoMundoDeDisney-1985811.pdf
2024-02-26 20:00 - 2024-02-26 20:00 - 000004248 _____ C:\Windows\system32\Tasks\Google Play Games Notifier
2024-02-25 22:03 - 2024-02-25 22:03 - 000002209 _____ C:\Users\Public\Desktop\Epson Printer Connection Checker.lnk
2024-02-25 19:05 - 2024-02-25 19:05 - 000000000 ____D C:\Users\victo\AppData\Roaming\3uTools
2024-02-25 18:54 - 2023-12-27 05:08 - 000076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll
2024-02-25 18:54 - 2023-12-27 05:08 - 000052832 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys
2024-02-25 15:21 - 2024-02-25 15:22 - 000001341 _____ C:\Users\victo\Desktop\eliminar si ya no queda memoria.lnk
2024-02-25 10:30 - 2024-02-25 10:30 - 000000000 ____D C:\Users\victo\AppData\Local\unali-56149984
2024-02-25 10:30 - 2024-02-25 10:30 - 000000000 ____D C:\Users\victo\AppData\Local\unali-56148093
2024-02-24 12:43 - 2024-02-24 12:43 - 000000000 ____D C:\Users\victo\Apple
2024-02-24 12:35 - 2024-02-24 12:35 - 000000000 ____D C:\ProgramData\Apple Computer
2024-02-23 20:17 - 2024-02-23 20:17 - 000000000 ____D C:\Users\victo\AppData\Roaming\Stardock
2024-02-23 20:13 - 2024-02-23 20:17 - 000000000 ____D C:\Users\victo\AppData\Local\Stardock
2024-02-23 20:13 - 2024-02-23 20:13 - 000000000 ____D C:\Users\Public\Documents\Stardock
2024-02-23 20:13 - 2024-02-23 20:13 - 000000000 ____D C:\ProgramData\Stardock
2024-02-23 20:13 - 2024-02-23 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2024-02-23 20:13 - 2024-02-23 20:13 - 000000000 ____D C:\Program Files (x86)\Stardock
2024-02-20 20:15 - 2024-02-20 20:15 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
2024-02-19 21:23 - 2024-02-19 21:23 - 000000000 ____D C:\ProgramData\SystemAcCrux
2024-02-19 21:23 - 2024-02-19 21:23 - 000000000 ____D C:\Program Files (x86)\EaseUS
2024-02-19 21:22 - 2024-02-19 21:22 - 000000000 ____D C:\Users\victo\AppData\Roaming\EaseUS
2024-02-19 21:22 - 2024-02-19 21:22 - 000000000 ____D C:\Program Files\EaseUS
2024-02-19 21:18 - 2024-01-17 06:34 - 000109056 _____ C:\Users\victo\Downloads\Guardado con Autorrecuperación de Lo importante de México((Unsaved-310822800234065120)) - copia.asd
2024-02-19 21:17 - 2024-01-17 06:34 - 000109056 _____ C:\Users\victo\Downloads\Guardado con Autorrecuperación de Lo importante de México((Unsaved-310822800234065120)).asd
2024-02-19 21:03 - 2024-03-10 22:26 - 000002380 ____H C:\Users\victo\Documents\Default.rdp
2024-02-16 09:55 - 2024-02-16 09:55 - 000078488 _____ C:\Users\victo\Downloads\CURP_AESE840424MDFRNL02.pdf
2024-02-16 09:53 - 2024-02-16 09:53 - 000077859 _____ C:\Users\victo\Downloads\CURP_LEAL181001HMCNRNA2.pdf
2024-02-16 09:51 - 2024-02-16 09:51 - 000077233 _____ C:\Users\victo\Downloads\CURP_LEAV110530HMCNRCA7.pdf
2024-02-15 20:18 - 2024-02-15 20:18 - 000000000 ____D C:\Users\victo\AppData\Roaming\Microsoft\InputMethod
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2024-03-14 07:50 - 2019-12-07 09:03 - 000749324 _____ C:\Windows\system32\perfh00A.dat
2024-03-14 07:50 - 2019-12-07 09:03 - 000145644 _____ C:\Windows\system32\perfc00A.dat
2024-03-14 07:50 - 2019-12-07 08:12 - 001681366 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-14 07:50 - 2019-12-07 03:13 - 000000000 ____D C:\Windows\INF
2024-03-14 07:45 - 2023-11-12 18:57 - 000000000 ___RD C:\Users\victo\OneDrive
2024-03-14 07:44 - 2019-12-07 08:15 - 000000000 ____D C:\Users\victo
2024-03-14 07:44 - 2019-12-07 08:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-14 07:44 - 2019-12-07 08:04 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-14 07:44 - 2019-12-07 08:04 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-14 07:44 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\ServiceState
2024-03-14 07:44 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-13 20:24 - 2023-12-27 17:05 - 000000000 ___RD C:\Users\victo\Desktop\REDMI 2023
2024-03-13 17:54 - 2023-12-15 15:20 - 000000000 ____D C:\Users\victo\AppData\Local\CrashDumps
2024-03-13 17:11 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-13 17:11 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\AppReadiness
2024-03-13 14:37 - 2024-02-05 16:04 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2024-03-13 13:52 - 2023-05-05 06:26 - 000000000 ____D C:\Windows\SystemTemp
2024-03-13 13:45 - 2023-11-12 19:20 - 000000000 __SHD C:\Users\victo\IntelGraphicsProfiles
2024-03-13 13:44 - 2019-12-07 03:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-03-13 06:32 - 2023-11-12 19:00 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2024-03-13 06:31 - 2023-11-12 20:04 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-13 06:31 - 2023-11-12 20:04 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-12 21:38 - 2024-02-05 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2024-03-12 21:38 - 2024-02-05 13:47 - 000000000 ____D C:\Users\victo\AppData\Roaming\Samsung
2024-03-12 21:38 - 2024-02-05 13:46 - 000000000 ____D C:\Program Files (x86)\Samsung
2024-03-12 21:38 - 2023-11-12 19:59 - 000000000 ____D C:\ProgramData\EPSON
2024-03-12 21:38 - 2023-11-12 19:59 - 000000000 ____D C:\Program Files\epson
2024-03-12 21:38 - 2023-11-12 19:07 - 000000000 ____D C:\Users\victo\AppData\Roaming\Hewlett-Packard
2024-03-12 21:38 - 2023-11-12 18:59 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2024-03-12 21:00 - 2019-12-07 03:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-03-12 20:53 - 2024-02-10 17:05 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-12 20:53 - 2019-12-07 08:03 - 000000000 ____D C:\Windows\Panther
2024-03-12 19:10 - 2019-12-07 08:05 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-12 19:00 - 2023-11-12 19:20 - 000000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2024-03-12 18:59 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-12 18:59 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SystemResources
2024-03-12 18:59 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\oobe
2024-03-12 18:59 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\Dism
2024-03-12 18:59 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\bcastdvr
2024-03-12 18:59 - 2019-12-07 03:03 - 000000000 ____D C:\Windows\servicing
2024-03-12 14:23 - 2019-12-07 03:03 - 000000000 ____D C:\Windows\CbsTemp
2024-03-12 14:21 - 2019-12-07 08:10 - 003017216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-12 14:14 - 2023-11-26 11:11 - 000000000 ____D C:\Windows\system32\MRT
2024-03-12 14:11 - 2023-11-26 11:11 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-12 13:51 - 2024-01-08 19:31 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-11 17:36 - 2024-02-05 11:52 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-11 17:36 - 2024-01-08 19:32 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-11 17:36 - 2023-12-10 17:28 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2860472463-3070343665-445750963-1004
2024-03-11 17:36 - 2023-11-12 18:58 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2860472463-3070343665-445750963-1001
2024-03-11 15:31 - 2023-11-27 19:13 - 000000000 ____D C:\Users\victo\AppData\Roaming\Microsoft\Word
2024-03-10 22:25 - 2019-12-07 09:05 - 000000000 ____D C:\Windows\system32\FxsTmp
2024-03-08 16:38 - 2019-12-07 08:05 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-08 16:38 - 2019-12-07 08:05 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-06 19:29 - 2023-11-27 12:59 - 000000000 ____D C:\Users\victo\.VirtualBox
2024-03-06 19:22 - 2023-11-27 12:59 - 000000000 ____D C:\ProgramData\VirtualBox
2024-03-05 18:40 - 2019-12-07 08:05 - 000003636 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-05 18:40 - 2019-12-07 08:05 - 000003512 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-04 14:03 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\NDF
2024-02-29 21:28 - 2023-11-12 19:32 - 000000000 ____D C:\ProgramData\McAfee
2024-02-29 21:27 - 2023-11-12 19:44 - 000003204 _____ C:\Windows\system32\Tasks\McUpdaterModuleTask
2024-02-29 21:27 - 2023-11-12 19:44 - 000002204 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2024-02-29 21:27 - 2023-11-12 19:32 - 000003206 _____ C:\Windows\system32\Tasks\SecurityScannerScheduler
2024-02-29 21:27 - 2023-11-12 19:32 - 000000000 ____D C:\Program Files (x86)\McAfee Security Scan
2024-02-29 21:27 - 2019-12-07 08:18 - 000000000 ____D C:\ProgramData\Packages
2024-02-29 21:27 - 2019-12-07 08:17 - 000000000 ____D C:\Users\victo\AppData\Local\Packages
2024-02-29 21:25 - 2023-11-12 19:00 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2024-02-29 21:25 - 2019-12-07 08:04 - 005071568 _____ C:\Windows\system32\FNTCACHE.DAT
2024-02-29 21:24 - 2019-12-07 09:03 - 000000000 ____D C:\Windows\es-MX
2024-02-29 21:24 - 2019-12-07 03:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-02-29 21:24 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2024-02-29 21:24 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\es-MX
2024-02-29 21:24 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-02-28 19:27 - 2019-12-07 08:17 - 000000000 ____D C:\Users\victo\AppData\Local\D3DSCache
2024-02-27 16:03 - 2023-11-12 18:57 - 000000000 ____D C:\Users\victo\AppData\Local\PlaceholderTileLogoFolder
2024-02-25 22:03 - 2023-11-12 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2024-02-25 22:03 - 2023-11-12 19:59 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2024-02-25 10:41 - 2023-11-27 13:08 - 000000000 ____D C:\Users\victo\VirtualBox VMs
2024-02-24 12:22 - 2019-12-07 08:18 - 000000000 ____D C:\Users\victo\AppData\Local\Publishers
2024-02-24 12:15 - 2023-11-26 16:39 - 000000000 ____D C:\3uToolsV3
2024-02-24 12:07 - 2023-11-26 16:38 - 000001332 _____ C:\Users\Public\Desktop\3uTools(32bit).lnk
2024-02-24 10:27 - 2023-11-28 11:07 - 000001134 _____ C:\Windows\system32\config\VSMIDK
2024-02-22 16:35 - 2024-02-09 20:39 - 000000000 ____D C:\Users\victo\Desktop\chinafon datos
2024-02-21 16:47 - 2023-12-08 13:30 - 000000000 ____D C:\Program Files\HP
2024-02-20 20:18 - 2023-11-12 20:04 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-18 12:08 - 2023-12-14 17:52 - 000000000 ____D C:\ProgramData\bst_boost_interprocess
2024-02-18 12:08 - 2023-12-14 17:52 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2024-02-17 11:09 - 2023-11-26 15:55 - 000000000 ____D C:\Users\victo\Desktop\DOCUMENTOS INSCRIPCION
2024-02-15 20:04 - 2023-12-04 22:57 - 000245343 _____ C:\Users\victo\Downloads\Sin título-1.psd
2024-02-15 13:52 - 2019-12-07 03:03 - 000032768 _____ C:\Windows\system32\config\ELAM
==================== Archivos en la raíz de algunos directorios ========
2023-11-26 15:41 - 2023-11-26 15:41 - 000007602 _____ () C:\Users\victo\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 13.03.2024
Ejecutado por victo (14-03-2024 07:59:03)
Ejecutado desde C:\Users\victo\Desktop
Microsoft Windows 10 Home Single Language Versión 22H2 19045.4170 (X64) (2019-12-07 14:08:08)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Administrador (S-1-5-21-2860472463-3070343665-445750963-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2860472463-3070343665-445750963-503 - Limited - Disabled)
Invitado (S-1-5-21-2860472463-3070343665-445750963-501 - Limited - Disabled)
victo (S-1-5-21-2860472463-3070343665-445750963-1001 - Administrator - Enabled) => C:\Users\victo
victo_194zloz (S-1-5-21-2860472463-3070343665-445750963-1004 - Limited - Enabled) => C:\Users\victo_194zloz
WDAGUtilityAccount (S-1-5-21-2860472463-3070343665-445750963-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
3uTools(32bit) (HKLM-x32\...\3uToolsV3_x86) (Version: 3.08.025 - Shenzhen Aidapu Network Technology Co.,Ltd.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 23.006.20360 - Adobe)
Adobe AIR (HKLM-x32\...\{A2BCA9F1-566C-4805-97D1-7FDC93386723}) (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1202.1711.103 - Alps Electric)
Blender (HKLM\...\{7D3DB565-6157-47EA-9D7D-E9B5B964E621}) (Version: 2.90.0 - Blender Foundation)
Blender (HKLM\...\{B1DF3793-1651-4AE5-9CA0-E845DD8B526B}) (Version: 2.79.0 - Blender Foundation)
BlueStacks App Player (HKLM\...\BlueStacks_nxt) (Version: 5.14.10.1008 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\BlueStacksServices) (Version: 3.0.2 - now.gg, Inc.)
BlueStacks X (HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\BlueStacks X) (Version: 10.5.10.1003 - now.gg, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.22 - Piriform)
Comprobación de estado de PC Windows (HKLM\...\{D335124C-C378-488D-933F-1C5181C343F6}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Epic Games Launcher (HKLM-x32\...\{FA06BD44-6ED1-42D5-963C-D5B165C4D892}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{71038C40-8258-44D2-BBF4-B6312338172C}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation)
EPSON L4150 Series Printer Uninstall (HKLM\...\EPSON L4150 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{DE32F90E-1A29-4D74-BCF1-E7DDB25D713A}) (Version: 3.4.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.113 - Google LLC)
Google Play Juegos Beta (HKLM\...\GooglePlayGames) (Version: 24.2.624.7 - Google LLC)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{E5FAF48A-145F-4B33-A062-DCFAAFAE5D41}) (Version: 12.8.1.1000 - Intel Corporation) Hidden
Malwarebytes version 5.1.0.102 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.0.102 - Malwarebytes)
Manual Epson L4150 (HKLM-x32\...\UsersGuideManual Epson L4150_is1) (Version: 1.0 - Epson America, Inc.)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 4.1.491.1 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 14.41.137.0 - Microsoft Corporation)
Microsoft Office Access MUI (Spanish) 2010 (HKLM-x32\...\{90140000-0015-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2010 (HKLM-x32\...\{90140000-0016-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Spanish) 2010 (HKLM-x32\...\{90140000-00BA-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Spanish) 2010 (HKLM-x32\...\{90140000-0044-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Spanish) 2010 (HKLM-x32\...\{90140000-00A1-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2010 (HKLM-x32\...\{90140000-001A-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2010 (HKLM-x32\...\{90140000-0018-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Proof (Basque) 2010 (HKLM-x32\...\{90140000-001F-042D-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2010 (HKLM-x32\...\{90140000-001F-0403-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2010 (HKLM-x32\...\{90140000-001F-0456-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-001F-0416-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2010 (HKLM-x32\...\{90140000-002C-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2010 (HKLM-x32\...\{90140000-0019-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2010 (HKLM\...\{90140000-002A-0C0A-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2010 (HKLM-x32\...\{90140000-006E-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2010 (HKLM-x32\...\{90140000-001B-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.040.0225.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 (HKLM-x32\...\{1de5e707-82da-4db6-b810-5d140cc4cbb3}) (Version: 14.38.33130.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130 (HKLM\...\{C31777DB-51C1-4B19-9F80-38EF5C1D7C89}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130 (HKLM\...\{1CA7421F-A225-4A9C-B320-A36981A2B789}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (HKLM-x32\...\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (HKLM\...\{925D058B-564A-443A-B4B2-7E90C6432E55}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (HKLM\...\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (HKLM-x32\...\{D1A19B02-817E-4296-A45B-07853FD74D57}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (HKLM\...\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (HKLM-x32\...\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (HKLM\...\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}) (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (HKLM-x32\...\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (HKLM\...\{8557397C-A42D-486F-97B3-A2CBC2372593}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (HKLM\...\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (HKLM-x32\...\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}) (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (HKLM\...\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}) (Version: 1.00.0000 - Adobe) Hidden
NEKOPARA vol.0 (HKU\S-1-5-21-2860472463-3070343665-445750963-1004\...\{25546E8B-B838-44A1-B798-E40C412421B1}) (Version: - NEKO WORKs)
OpenGL Extensions Viewer 6.4 (HKLM-x32\...\GLVIEW3) (Version: 649 - )
Oracle VM VirtualBox 7.0.12 (HKLM\...\{63D7619C-79C2-42B6-A463-060F52EAF7C0}) (Version: 7.0.12 - Oracle and/or its affiliates)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Pioneer DDJ_SB Driver (HKLM-x32\...\Pioneer DDJ_SB ASIO) (Version: 1.100.000.001 - Pioneer DJ Corporation.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 4.30 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.61.0 - Samsung Electronics Co., Ltd.)
Serato DJ Lite (HKLM\...\{3C4546B0-36C1-41DC-BFA4-C9C7DE42BC41}) (Version: 3.1.0.191 - Serato Limited) Hidden
Serato DJ Lite (HKLM-x32\...\{bb55fed5-51b5-4b7a-8230-840681443f66}) (Version: 3.1.0.191 - Serato Limited)
Stardock Start11 (HKLM-x32\...\Stardock Start11) (Version: 2.0.5.4 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.80 - Microsoft Corporation)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
Wondershare Dr.Fone (Version 13.5.7) (HKLM-x32\...\{E8F86DA8-B8E4-42C7-AFD4-EBB692AC43FD}_is1) (Version: 13.5.7.309 - Wondershare Technology Co.,Ltd.)
YWYT gaming mouse (HKLM-x32\...\{3315FA51-CF6C-45DF-AFBF-A328D6884AEB}) (Version: 1.00.0000 - YWYT gaming mouse)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-12-10] ()
Asphalt 9: Legends -> C:\Program Files\WindowsApps\A278AB0D.Asphalt9_4.5.101.2_x64__h6adky7gbf63m [2024-02-27] (Gameloft SE)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2024-02-15] (Microsoft Corporation)
Búsqueda web de Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-09] (Microsoft Corporation)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.3368.0_x64__rz1tebttyb220 [2024-02-27] (Dolby Laboratories)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.33.28.0_x64__v10z8vjag6ke6 [2024-02-21] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa [2024-02-24] (Apple Inc.) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-03-12] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0 [2024-03-12] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2409.8.0_x64__cv1g1gvanyjgm [2024-03-09] (WhatsApp Inc.) [Startup Task]
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-2860472463-3070343665-445750963-1001_Classes\CLSID\{6282d2e9-5906-bbf9-4b71-0c2869c6a835}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2860472463-3070343665-445750963-1001_Classes\CLSID\{6a27a1a9-7be8-1491-04ca-ee68a211c258}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2860472463-3070343665-445750963-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-12] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.040.0225.0003\FileSyncShell64.dll [2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-12] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
2013-08-22 11:08 - 2013-08-22 11:08 - 000286720 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-22 11:08 - 2013-08-22 11:08 - 000517120 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Windows\System32\enppmon.dll
2024-02-05 16:10 - 2023-09-12 10:52 - 008382976 _____ (wondershare) [Archivo no firmado] C:\ProgramData\Wondershare\wsServices\WsidClient.dll
==================== Alternate Data Streams (Lista blanca) ========
(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)
AlternateDataStreams: C:\Users\victo\Desktop\FRST64.exe:MBAM.Zone.Identifier [240]
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\regfile: <==== ATENCIÓN
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.reg: => <==== ATENCIÓN
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.bat: => <==== ATENCIÓN
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.cmd: => <==== ATENCIÓN
==================== Internet Explorer (Lista blanca) ==========
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2019-12-07 03:14 - 2024-02-29 21:27 - 000000859 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
2024-01-22 19:56 - 2024-01-22 19:56 - 000000443 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\victo\Downloads\02-14.jpg
HKU\S-1-5-21-2860472463-3070343665-445750963-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.
Network Binding:
=============
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxGipSvc => 3
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_2C19A6AEC137D1B73B2831EF0BA82386"
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\StartupApproved\Run: => "electron.app.BlueStacks Services"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{4750E713-D391-45FF-B696-F4E8641B3DC1}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{15B48636-550B-4430-88DD-2BE4E520C505}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{9FCF8BD5-0B93-48A6-95E8-B29F35059022}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{44A86475-E68D-400B-B78A-496FA4D609DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6F19D73C-B391-4C58-BC08-68A9768EAB80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4BC6A70E-9BB9-4E1C-A8A7-A92FEB41F653}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{17C32BE0-9336-4236-AA0F-EE39EF16466D}] => (Allow) LPort=27015
FirewallRules: [{8ABD19C5-4C48-47D8-91F5-65F2C7C94D2E}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{9FE07F6E-2EA7-4A13-A786-1BB805FC5DAE}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [{59E50443-B54C-4FE7-A968-D6D904DD045F}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{47BBE347-AFD7-4909-BC61-66FBA94C942B}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [TCP Query User{7A992EE8-6BF1-4631-B28C-BA6E2970F5E4}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{685D02A0-D2FA-4D84-A494-9B3AD74984CF}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{1E64FFB0-BE44-469D-900A-8724617AF05D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EF729861-B255-4931-8DC9-2D2BE623BCE6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{ED0E3EB7-717B-4D77-BCCD-B221A6A0704F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{34E1E85E-8DCC-47E8-94DE-F0C95A8533A4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7F31C0B7-5F0C-4564-A3C3-C546643C4BB3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C54BF379-8771-4AF6-BAE3-ACDF3606FB1E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{61BF5F2B-956E-4075-9181-745B50781C57}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1146289A-2FD9-44CD-BED9-5416F5390ED1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{24F71F2D-F074-435D-BABB-C234B02FC3D6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{688EF84B-A642-40AF-BAE3-DF543D488A48}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{3C2C179B-FC6B-4D63-B250-F0C3482ECFB8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{88D50364-15E5-4AEB-9AB4-8E61B70BBA88}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [TCP Query User{D3FB3C1C-8A79-41AC-AB02-04AB633F3E00}C:\program files (x86)\3utoolsv3\x86\3utools.exe] => (Allow) C:\program files (x86)\3utoolsv3\x86\3utools.exe (Shenzhen Aidapu Network Technology Co.,Ltd. -> Shenzhen Aidapu Network Technology Co.,Ltd.)
FirewallRules: [UDP Query User{CA878E05-2FBD-4211-B3D6-C3F6601FCE8A}C:\program files (x86)\3utoolsv3\x86\3utools.exe] => (Allow) C:\program files (x86)\3utoolsv3\x86\3utools.exe (Shenzhen Aidapu Network Technology Co.,Ltd. -> Shenzhen Aidapu Network Technology Co.,Ltd.)
FirewallRules: [{86C9C59C-73C9-41A6-89B9-772341051839}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3876E94A-630F-42EA-849E-C7185E568BD8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1B67E25-30A2-41C6-9B5C-211D7CD7DCB8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{691BFAF6-6FD1-4852-A23C-EA0D9AD24773}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BDA03096-89CE-439A-A139-3F21F85EFB71}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EEAB1429-C7B2-452D-B9FE-B8E2466A5602}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{052C49AD-FB6F-4EBA-B002-667492D0B551}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C706FEC8-3F8D-4508-887C-E2B5933191AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{69B25DBE-3333-4831-8A78-B8469E00DCC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D16F9490-7C44-4671-877A-72C96C09FCAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6B90A311-CBA3-4AC0-8A08-604291D407C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0458CC86-E913-4527-ACF4-E288C83DD601}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B1FB1599-E6EF-42E4-A253-17AE4E12A598}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{40BF1EF6-34BC-4CEA-896D-5875A049D0C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2B809A49-F259-4046-91D9-F433F26B15E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{30CF89AC-04E9-4671-944B-211B84431FBC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0D6549DE-2BC8-453D-9F3F-0CCBD90BDD66}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{010A6D3C-09C0-48D7-AB29-0B1493F2E09B}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
==================== Puntos de Restauración =========================
13-03-2024 13:42:37 ZHPcleaner
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: Dispositivo PCI
Description: Dispositivo PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Controladora simple de comunicaciones PCI
Description: Controladora simple de comunicaciones PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (03/13/2024 06:55:26 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: HP-14-NOTEBOOK)
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.
Error: (03/13/2024 06:54:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 24 C.F.B.3.1.6.9.A.A.A.1.C.1.2.4.4.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR hp-14-Notebook-2.local.
Error: (03/13/2024 06:54:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.84:5353 22 C.F.B.3.1.6.9.A.A.A.1.C.1.2.4.4.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR hp-14-Notebook.local.
Error: (03/13/2024 06:54:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 24 84.1.168.192.in-addr.arpa. PTR hp-14-Notebook-2.local.
Error: (03/13/2024 06:54:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.84:5353 22 84.1.168.192.in-addr.arpa. PTR hp-14-Notebook.local.
Error: (03/13/2024 06:54:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname hp-14-Notebook.local already in use; will try hp-14-Notebook-2.local instead
Error: (03/13/2024 06:54:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 hp-14-Notebook.local. Addr 192.168.1.84
Error: (03/13/2024 06:54:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.84:5353 16 hp-14-Notebook.local. AAAA 2806:105E:001C:79C0:ED90:50AF:4E33:6562
Errores del sistema:
=============
Error: (03/14/2024 07:46:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Google Update Servicio (gupdate) no pudo iniciarse debido al siguiente error:
El servicio no respondió a tiempo a la solicitud de inicio o de control.
Error: (03/14/2024 07:46:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Google Update Servicio (gupdate).
Error: (03/14/2024 07:44:07 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: El controlador detectó un error interno del controlador en \Device\VBoxNetLwf.
Error: (03/14/2024 07:44:06 AM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: Se activó el temporizador de vigilancia del sistema.
Error: (03/14/2024 07:44:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 08:33:46 p. m. del 13/03/2024 resultó inesperado.
Error: (03/13/2024 08:25:27 PM) (Source: RTWlanE02) (EventID: 5002) (User: )
Description: Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter : se determinó que el adaptador de red no está funcionando correctamente.
Error: (03/13/2024 06:54:44 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: El controlador detectó un error interno del controlador en \Device\VBoxNetLwf.
Error: (03/13/2024 01:47:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Google Update Servicio (gupdate) no pudo iniciarse debido al siguiente error:
El servicio no respondió a tiempo a la solicitud de inicio o de control.
==================== Información de la memoria ===========================
BIOS: Insyde F.1B 07/27/2016
Placa base: Hewlett-Packard 218B
Procesador: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Porcentaje de memoria en uso: 71%
RAM física total: 6042.35 MB
RAM física disponible: 1714.64 MB
Virtual total: 9754.35 MB
Virtual disponible: 5076.65 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:237.9 GB) (Free:47.7 GB) (Model: XrayDisk 256GB SSD) NTFS
\\?\Volume{f61720cd-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{f61720cd-0000-0000-0000-d07c3b000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: F61720CD)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=535 MB) - (Type=27)
==================== Final de Addition.txt =======================
hola eh notado algo que creo que no es normal y es que svchost.exe ah empezado a usar el 90 porciento de procesador cuando inicio windows y al cabo de 3 minutos deja de usar tantos recursos salu2
ok por mi no hay problema salu2
hola este no es por molestar pero la proteccion contra ramsomware me ha bloqueado un archivo llamado service.exe no se que sea pero es solo para mantenerte informado
salu2
hola este se que te estas tomando tu tiempo respondiendo a otros crees que me podrias dar una fecha estimada seguir con mi tema ya que el problema me a estado fatidiando ya que en unos dias no podre usar esta pc por un viaje asi que saludos[quote=“DanielG, post:27, topic:33084, full:true”] Hola @hola
Hoy ando corto de tiempo mañana veo si puedo revisar el reporte
Saludos [/quote]
Hola @hola
Si podes tráeme un reporte nuevo de farbar ya pasaron varios días y ese ya no me sirve.
Mañana lo reviso sin falta
Saludos
perdon por no contestarte claro te traigo los reportes sin falta
salu2
FRST.txt (41,1 KB) Addition.txt (42,3 KB) listo
salu2
1 me gusta
hola gracias por atender a mi caso @DanielG pero me a pasado algo hace unos dias y es que al dejar google chrome abierto me avisa que hay trafico inusual crees que se relacione con mi problema? salu2
Hola @hola
Realiza lo siguiente
Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:
-
Reinicias el ordenador en Modo Normal.
-
Descargas DelFix en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
-
Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.
-
Presionas en Run.
Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.
Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
Start::
SystemRestore: On
CreateRestorePoint:
VirusScan: C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat;C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\Run: [AdobeBridge] => [X]
2024-03-11 17:16 - 2024-03-11 17:16 - 000000000 ____D C:\Users\victo\AppData\LocalLow\YandereDev
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
2024-03-13 13:43 - 2024-03-13 13:43 - 000000000 ____D C:\ProgramData\Norton
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\regfile: <==== ATENCIÓN
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.reg: => <==== ATENCIÓN
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.bat: => <==== ATENCIÓN
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.cmd: => <==== ATENCIÓN
CMD: sfc /scannow
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End::Lo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.
El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.
Finalmente (OJO, en MODO NORMAL):
-
Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).
-
Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.
-
Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.
-
Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.
Muy Importante Coloca el reporte que te he pedido como se muestra en la siguiente imagen:
1 me gusta
Ejecutado por victo (25-04-2024 17:00:20) Run:1
Ejecutado desde C:\Users\victo\Desktop
Perfiles cargados: victo & victo_194zloz
Modo de Inicio: Normal
==============================================
fixlist contenido:
*****************
Start::
SystemRestore: On
CreateRestorePoint:
VirusScan: C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat;C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\...\Run: [AdobeBridge] => [X]
2024-03-11 17:16 - 2024-03-11 17:16 - 000000000 ____D C:\Users\victo\AppData\LocalLow\YandereDev
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
2024-03-13 13:43 - 2024-03-13 13:43 - 000000000 ____D C:\ProgramData\Norton
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\regfile: <==== ATENCIÓN
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.reg: => <==== ATENCIÓN
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.bat: => <==== ATENCIÓN
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.cmd: => <==== ATENCIÓN
CMD: sfc /scannow
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End::
*****************
SystemRestore: On => completado
El punto de restauración fue creado correctamente.
Virusscan: C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat => https://virusscan.jotti.org/filescanjob/ylk10obdn6
Virusscan: C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat => https://virusscan.jotti.org/filescanjob/0ydjfmk9f9
"HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => eliminado correctamente
"C:\Users\victo\AppData\LocalLow\YandereDev" Carpeta mover:
C:\Users\victo\AppData\LocalLow\YandereDev => movido correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente
"C:\ProgramData\Norton" Carpeta mover:
C:\ProgramData\Norton => movido correctamente
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\regfile => eliminado correctamente
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.reg => eliminado correctamente
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.bat => eliminado correctamente
HKU\S-1-5-21-2860472463-3070343665-445750963-1001\Software\Classes\.cmd => eliminado correctamente
========= sfc /scannow =========
Iniciando examen en el sistema. Este proceso tardará algún tiempo.
Iniciando la fase de comprobación del examen del sistema.
Se completó la comprobación de 0%.
Se completó la comprobación de 1%.
Se completó la comprobación de 1%.
Se completó la comprobación de 2%.
Se completó la comprobación de 3%.
Se completó la comprobación de 3%.
Se completó la comprobación de 4%.
Se completó la comprobación de 4%.
Se completó la comprobación de 5%.
Se completó la comprobación de 6%.
Se completó la comprobación de 6%.
Se completó la comprobación de 7%.
Se completó la comprobación de 7%.
Se completó la comprobación de 8%.
Se completó la comprobación de 9%.
Se completó la comprobación de 9%.
Se completó la comprobación de 10%.
Se completó la comprobación de 11%.
Se completó la comprobación de 11%.
Se completó la comprobación de 12%.
Se completó la comprobación de 12%.
Se completó la comprobación de 13%.
Se completó la comprobación de 14%.
Se completó la comprobación de 14%.
Se completó la comprobación de 15%.
Se completó la comprobación de 15%.
Se completó la comprobación de 16%.
Se completó la comprobación de 17%.
Se completó la comprobación de 17%.
Se completó la comprobación de 18%.
Se completó la comprobación de 19%.
Se completó la comprobación de 19%.
Se completó la comprobación de 20%.
Se completó la comprobación de 20%.
Se completó la comprobación de 21%.
Se completó la comprobación de 22%.
Se completó la comprobación de 22%.
Se completó la comprobación de 23%.
Se completó la comprobación de 23%.
Se completó la comprobación de 24%.
Se completó la comprobación de 25%.
Se completó la comprobación de 25%.
Se completó la comprobación de 26%.
Se completó la comprobación de 27%.
Se completó la comprobación de 27%.
Se completó la comprobación de 28%.
Se completó la comprobación de 28%.
Se completó la comprobación de 29%.
Se completó la comprobación de 30%.
Se completó la comprobación de 30%.
Se completó la comprobación de 31%.
Se completó la comprobación de 31%.
Se completó la comprobación de 32%.
Se completó la comprobación de 33%.
Se completó la comprobación de 33%.
Se completó la comprobación de 34%.
Se completó la comprobación de 35%.
Se completó la comprobación de 35%.
Se completó la comprobación de 36%.
Se completó la comprobación de 36%.
Se completó la comprobación de 37%.
Se completó la comprobación de 38%.
Se completó la comprobación de 38%.
Se completó la comprobación de 39%.
Se completó la comprobación de 39%.
Se completó la comprobación de 40%.
Se completó la comprobación de 41%.
Se completó la comprobación de 41%.
Se completó la comprobación de 42%.
Se completó la comprobación de 42%.
Se completó la comprobación de 43%.
Se completó la comprobación de 44%.
Se completó la comprobación de 44%.
Se completó la comprobación de 45%.
Se completó la comprobación de 46%.
Se completó la comprobación de 46%.
Se completó la comprobación de 47%.
Se completó la comprobación de 47%.
Se completó la comprobación de 48%.
Se completó la comprobación de 49%.
Se completó la comprobación de 49%.
Se completó la comprobación de 50%.
Se completó la comprobación de 50%.
Se completó la comprobación de 51%.
Se completó la comprobación de 52%.
Se completó la comprobación de 52%.
Se completó la comprobación de 53%.
Se completó la comprobación de 54%.
Se completó la comprobación de 54%.
Se completó la comprobación de 55%.
Se completó la comprobación de 55%.
Se completó la comprobación de 56%.
Se completó la comprobación de 57%.
Se completó la comprobación de 57%.
Se completó la comprobación de 58%.
Se completó la comprobación de 58%.
Se completó la comprobación de 59%.
Se completó la comprobación de 60%.
Se completó la comprobación de 60%.
Se completó la comprobación de 61%.
Se completó la comprobación de 62%.
Se completó la comprobación de 62%.
Se completó la comprobación de 63%.
Se completó la comprobación de 63%.
Se completó la comprobación de 64%.
Se completó la comprobación de 65%.
Se completó la comprobación de 65%.
Se completó la comprobación de 66%.
Se completó la comprobación de 66%.
Se completó la comprobación de 67%.
Se completó la comprobación de 68%.
Se completó la comprobación de 68%.
Se completó la comprobación de 69%.
Se completó la comprobación de 70%.
Se completó la comprobación de 70%.
Se completó la comprobación de 71%.
Se completó la comprobación de 71%.
Se completó la comprobación de 72%.
Se completó la comprobación de 73%.
Se completó la comprobación de 73%.
Se completó la comprobación de 74%.
Se completó la comprobación de 74%.
Se completó la comprobación de 75%.
Se completó la comprobación de 76%.
Se completó la comprobación de 76%.
Se completó la comprobación de 77%.
Se completó la comprobación de 78%.
Se completó la comprobación de 78%.
Se completó la comprobación de 79%.
Se completó la comprobación de 79%.
Se completó la comprobación de 80%.
Se completó la comprobación de 81%.
Se completó la comprobación de 81%.
Se completó la comprobación de 82%.
Se completó la comprobación de 82%.
Se completó la comprobación de 83%.
Se completó la comprobación de 84%.
Se completó la comprobación de 84%.
Se completó la comprobación de 85%.
Se completó la comprobación de 85%.
Se completó la comprobación de 86%.
Se completó la comprobación de 87%.
Se completó la comprobación de 87%.
Se completó la comprobación de 88%.
Se completó la comprobación de 89%.
Se completó la comprobación de 89%.
Se completó la comprobación de 90%.
Se completó la comprobación de 90%.
Se completó la comprobación de 91%.
Se completó la comprobación de 92%.
Se completó la comprobación de 92%.
Se completó la comprobación de 93%.
Se completó la comprobación de 93%.
Se completó la comprobación de 94%.
Se completó la comprobación de 95%.
Se completó la comprobación de 95%.
Se completó la comprobación de 96%.
Se completó la comprobación de 97%.
Se completó la comprobación de 97%.
Se completó la comprobación de 98%.
Se completó la comprobación de 98%.
Se completó la comprobación de 99%.
Se completó la comprobación de 100%.
Protección de recursos de Windows encontró archivos dañados y los reparó correctamente.
Para las reparaciones en línea, los detalles se encuentran en el archivo de registro de CBS ubicado en
windir\Logs\CBS\CBS.log. Por ejemplo, C:\Windows\Logs\CBS\CBS.log. Para las reparaciones
sin conexión, los detalles se encuentran en el archivo de registro que proporciona la marca /OFFLOGFILE.
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 10 mientras los medios
est‚n desconectados.
Adaptador de Ethernet Ethernet:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de Ethernet Ethernet 2:
Sufijo DNS espec¡fico para la conexi¢n. . :
V¡nculo: direcci¢n IPv6 local. . . : fe80::885c:fe4a:fa1d:8875%5
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.56.1
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . :
Adaptador de LAN inal mbrica Conexi¢n de rea local* 1:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Conexi¢n de rea local* 10:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Wi-Fi:
Sufijo DNS espec¡fico para la conexi¢n. . : domain_not_set.invalid
Direcci¢n IPv6 . . . . . . . . . . : 2806:105e:1c:c2fa:51c7:d1a8:fe38:8108
Direcci¢n IPv6 temporal. . . . . . : 2806:105e:1c:c2fa:55b2:c6db:fb31:1e86
V¡nculo: direcci¢n IPv6 local. . . : fe80::4421:c1aa:a961:3bfc%7
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.84
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : fe80::1%7
192.168.1.254
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
{FF1168ED-EE36-49F5-95DD-6633753E24F3} canceled.
1 out of 1 jobs canceled.
========= Final de CMD: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-2860472463-3070343665-445750963-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-2860472463-3070343665-445750963-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-2860472463-3070343665-445750963-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-2860472463-3070343665-445750963-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
=========== EmptyTemp: ==========
FlushDNS => completado
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29509400 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 192042853 B
Windows/system/drivers => 157597358 B
Edge => 0 B
Chrome => 242807740 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 76573 B
systemprofile32 => 76615 B
LocalService => 76615 B
NetworkService => 11116267 B
victo => 6941673303 B
victo_194zloz => 7216291739 B
RecycleBin => 377104730 B
EmptyTemp: => 14.1 GB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 17:05:55 ====
escribe o pega el código aquí
Como sigue funcionando todo?
Saludos
Pues a desaparecido los intentos de powershell por el momento pero todavía me extraña que use demasiado procesador. Y si no es molestia me ayudarías a eliminar mcafe de mi computadora.
Salu2
FRST.txt (56,2 KB) Addition.txt (50,6 KB) powershell a vueto deberi pasar de nuevo el codigo que me mandaste?
salu2
Hola nuevamente
Realiza lo siguiente
Instala y ejecuta Revo Uninstaller | InfoSpyware y desinstalas cualquier programa que tenga o contenga los siguientes nombres en modo avanzado.
- Wondershare + lo que sea
- McAfee + lo que sea
Cuando te sale el aviso de que se bloqueo PowerShell estas haciendo algo en particular?
Me comentas si sigue apareciendo luego de eliminar los anteriores programas
Saludos
1 me gusta
hola volvi este fue por que fui al mar de bolivia (mentira) y hice lo que me dijiste de revo unistaler ah lo de powershell pasa en cualquier momento pero es menos que antes puede pasar con solo prender el pc bno gracias por ayudarme salu2