Pup Optional Booking

sandra · 18 Noviembre, 2023 09:30

Hola, @marron. Te comento, el antivirus que utilizo actualmente es el de Windows Defender, que es el que estaba instalado en el pc y el Firewall el viene instalado en el pc por defecto. El McAfee al comprar el pc tenía un periodo de tiempo gratuito, pero después del tiempo de prueba no compre la licencia. Por lo que es legal. En cuanto al Malwarebytes lo descargue de su página oficial cuando surgió el problema de infección en el pc. Por lo que debe ser también legal. El ExpressVPN me venía también en el pc como McAfee por un periodo de tiempo gratuito y después no compre la licencia, pero cuando tome la mala decisión de adquirir el SpyHunter creo que me dijo de descargar una versión de ese programa. Por lo que no sé decirte, el primero era legal, pero el del SpyHunter… Pero vamos que no lo utilizo, así que no habría problema en quitarlo y ahorrarnos problemas. Y el otro de HP que me dices no tengo ni idea que es, ya que solo actualizo por lo que si quieres lo quitamos. El SpyHunter lo adquirí de su pagina web. El problema me surgió porque encontré una página que estaba difundiendo mi trabajo y al comprobarlo me infecto el pc. Así que puedes imaginar, me piratean y me estropean el ordenador. Muchas gracias por todo. Quedo a la espera de tus comentarios para proseguir. Un saludo.

MIXU · 20 Noviembre, 2023 00:27

Hola buenas @sandra

OK.

OK. Lo quitaremos pues.

OK.

OK. Lo quitaremos pues.

OK. Lo veremos

OK.

De nada gracias por confiar en el foro y en mi persona.

Ok. pues dicho todo esto lanza el Script que arme de FRST para tu caso y me traes el log de los resultados que te pedí y me comentas de nuevo como sigue tu PC respecto al problema inicial planteado en este tema.

Salu2.

sandra · 21 Noviembre, 2023 23:11

Hola, @MIXU. Te comento, he desinstalado los programas de SpyHunter, VPN y McAfee. Me indicaba en un paso si creaba un punto de restauración y le he dado que no. Espero no haberme equivocado. En cuanto McAfee me aparece WebAdvisor de este programa ¿lo desinstalo también? Me he quedado en el paso 2 porque he podido quitar la extensión de SpyHunter Web Security, pero Edge relevant text changes no me aparece. Solo una de Malwarebytes y otra de documentos de Google sin conexión. Me siguen apareciendo en la barra del navegador las siguientes páginas.

Si me pongo sobre ellas, siguen saliendo lo que te mostré en el anterior post. Quedo a la espera de me digas como debo proseguir, porque no sé si es recomendable que continúe con el siguiente paso si no he podido eliminar la otra extensión pendiente. Gracias, de nuevo. Un saludo.

MIXU · 23 Noviembre, 2023 23:03

Hola buenas @sandra

Ok.

Yes, evidentemente no es malware esta extensión peor la quitaremos ay que después pondremos alguna otra cosa mejor.

OK

OK. Pues de momento seguiremos sin quitarla, no es malware como tal, pero yo la quitaría si se puede… o cuando se pueda.

OK.

De nada.

Sí, puedes seguir perfectamente con el resto de pasos sin ningún problema. Para finalmente utilizar el Script que cree para tu caso específico. Sigues todo el resto de pasos que te puse y me traes el FIXLOG.TXT.

Seguimos.

Salu2.

sandra · 24 Noviembre, 2023 18:09

Hola, @MIXU. Después de reiniciar el pc una vez ha terminado de corregir FRST.exe me ha salido un aviso de Onedrive que se había eliminado el archivo del escritorio de FIXLIST.TXT y yo no le he dado a eliminar. Es por saber si es normal o es algo raro. Te facilito el informe de FIXLOG.TXT, lo tengo que hacer en varios comentarios por la cantidad.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 05-11-2023 02
Ejecutado por sandr (24-11-2023 18:39:34) Run:1
Ejecutado desde C:\Users\sandr\OneDrive\Escritorio
Perfiles cargados: sandr
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:

Folder: C:\ProgramData\USOPrivate
Folder: C:\Program Files\EnigmaSoft
Folder: C:\Users\sandr\AppData\Roaming\Microsoft\Document Building Blocks
Folder: C:\Users\sandr\AppData\Roaming\Microsoft\QuickStyles
Folder: C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njlbddfaminajpokdojoimbcbaaboohm
Folder: C:\sh5ldr
Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
Folder: C:\ProgramData\EnigmaSoft Limited
Folder: C:\ProgramData\Packages
Folder: C:\hp
Folder: C:\ProgramData\McInstTemp0218891670236073
File: C:\WINDOWS\system32\Drivers\gen3p1pkey.dat;C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk;C:\WINDOWS\system32\ctac.json;C:\WINDOWS\SysWOW64\ctac.json;C:\WINDOWS\system32\hologramcompositor.lock;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json;C:\System.sav;C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe;C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe
File: %systemroot%\system32\MusNotification.exe
VirusTotal: C:\WINDOWS\system32\Drivers\gen3p1pkey.dat;C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk;C:\WINDOWS\system32\ctac.json;C:\WINDOWS\SysWOW64\ctac.json;C:\WINDOWS\system32\hologramcompositor.lock;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json;C:\System.sav;C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe;C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe
VirusTotal: %systemroot%\system32\MusNotification.exe

(services.exe ->) (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Ningún archivo)
Edge DefaultProfile: Default
Edge Profile: C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-15]
Edge Extension: (Edge relevant text changes) - C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-24]
Edge Extension: (SpyHunter® Web Security) - C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njlbddfaminajpokdojoimbcbaaboohm [2023-10-24]
S2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [17418784 2023-10-24] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [2525216 2023-10-24] (EnigmaSoft Limited -> EnigmaSoft Limited)
2023-11-15 16:52 - 2023-11-15 16:56 - 000000000 ___HD C:\$WinREAgent
2023-10-24 19:50 - 2023-10-24 19:50 - 000001086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk
2023-10-24 19:50 - 2023-10-24 19:50 - 000000000 ____D C:\sh5ldr
2023-10-24 19:50 - 2023-10-24 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2023-10-24 19:50 - 2023-10-24 19:50 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2023-10-24 12:17 - 2023-10-24 23:00 - 000000000 ___HD C:\$SysReset
2023-10-24 13:08 - 2022-12-05 11:27 - 000000000 ____D C:\ProgramData\McInstTemp0218891670236073
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> Ningún archivo
C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
C:\Program Files\EnigmaSoft\SpyHunter
2023-10-24 19:48 - 2023-10-24 19:48 - 000000000 ____D C:\Program Files\EnigmaSoft

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Error: (0) Error al crear un punto de restauración.
Procesos cerrados correctamente.

========================= Folder: C:\ProgramData\USOPrivate ========================

2023-10-24 13:12 - 2023-11-24 18:25 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\USOPrivate\UpdateStore
2023-10-24 13:31 - 2023-11-14 20:47 - 014651392 ____A [245BA981E49F8A5CFAF1EFA1D4AAA6DC] () C:\ProgramData\USOPrivate\UpdateStore\store.bak
2023-10-24 13:12 - 2023-11-24 18:25 - 014651392 ____A [6B9B8BBA2CE811198AFBF4916AD4F563] () C:\ProgramData\USOPrivate\UpdateStore\store.db

====== Final de Folder: ======


========================= Folder: C:\Program Files\EnigmaSoft ========================

no encontrado.

====== Final de Folder: ======


========================= Folder: C:\Users\sandr\AppData\Roaming\Microsoft\Document Building Blocks ========================

2023-11-04 15:51 - 2023-11-04 15:51 - 000000000 ____D [00000000000000000000000000000000] C:\Users\sandr\AppData\Roaming\Microsoft\Document Building Blocks\2057
2023-11-04 15:51 - 2023-11-04 15:51 - 000000000 ____D [00000000000000000000000000000000] C:\Users\sandr\AppData\Roaming\Microsoft\Document Building Blocks\2057\16
2023-11-04 15:51 - 2023-10-24 13:50 - 003388979 ____A [642F8F2C4F536CEA1A9498A2CD6BA9D9] () C:\Users\sandr\AppData\Roaming\Microsoft\Document Building Blocks\2057\16\Built-In Building Blocks.dotx
2023-11-04 15:51 - 2023-11-04 15:51 - 000000000 ____D [00000000000000000000000000000000] C:\Users\sandr\AppData\Roaming\Microsoft\Document Building Blocks\3082
2023-11-04 15:51 - 2023-11-16 16:17 - 000000000 ____D [00000000000000000000000000000000] C:\Users\sandr\AppData\Roaming\Microsoft\Document Building Blocks\3082\16
2023-11-04 15:51 - 2023-11-04 15:51 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\sandr\AppData\Roaming\Microsoft\Document Building Blocks\3082\16\Building Blocks.dotx
2023-11-04 15:51 - 2023-10-24 13:50 - 003402347 ____A [600467D023160A8AD5ED5EFD4890A2E2] () C:\Users\sandr\AppData\Roaming\Microsoft\Document Building Blocks\3082\16\Built-In Building Blocks.dotx

====== Final de Folder: ======


========================= Folder: C:\Users\sandr\AppData\Roaming\Microsoft\QuickStyles ========================


====== Final de Folder: ======


========================= Folder: C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njlbddfaminajpokdojoimbcbaaboohm ========================

no encontrado.

====== Final de Folder: ======


========================= Folder: C:\sh5ldr ========================

no encontrado.

====== Final de Folder: ======


========================= Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft ========================

no encontrado.

====== Final de Folder: ======


========================= Folder: C:\ProgramData\EnigmaSoft Limited ========================

no encontrado.

====== Final de Folder: ======


========================= Folder: C:\ProgramData\Packages ========================

2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPInc.EnergyStar_v10z8vjag6ke6
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPInc.EnergyStar_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPInc.EnergyStar_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPPCHardwareDiagnosticsWindows_v10z8vjag6ke6
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPPCHardwareDiagnosticsWindows_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPPCHardwareDiagnosticsWindows_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-11-10 21:36 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-11-10 21:36 - 2023-11-10 21:36 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-11-10 21:36 - 2023-11-10 21:36 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-10 21:36 - 2023-11-10 21:36 - 000008192 ____A [677F417202F0B062F9E86ECD485D7F08] () C:\ProgramData\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\cf9df7f95e5f7f5f.dat
2023-11-10 21:36 - 2023-11-10 21:36 - 000008192 ____A [E8852EEF36037645D10A555704BDF9FE] () C:\ProgramData\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\cf9df7f95e5f7f5f_COM15.dat
2023-11-10 21:36 - 2023-11-10 21:36 - 000008192 __ASH [A816563E52991DAD4B43FBDBF704901F] () C:\ProgramData\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\cf9df7f95e5f7f5f_COM15.dat.LOG1
2023-11-10 21:36 - 2023-11-10 21:36 - 000000000 __ASH [D41D8CD98F00B204E9800998ECF8427E] () C:\ProgramData\Packages\AD2F1837.HPPrinterControl_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\cf9df7f95e5f7f5f_COM15.dat.LOG2
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-10-24 13:28 - 2023-10-24 13:28 - 000008192 ____A [49899CCD71C476EE0C903B04322B303C] () C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\30d421d61cc6ae7b.dat
2023-10-24 13:28 - 2023-10-24 13:28 - 000008192 ____A [0F978BCFF1B7391F445C4B6EFF052F6A] () C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\30d421d61cc6ae7b_COM15.dat
2023-10-24 13:28 - 2023-10-24 13:28 - 000008192 __ASH [CA774250F9D53460455FD5D03CD34118] () C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\30d421d61cc6ae7b_COM15.dat.LOG1
2023-10-24 13:28 - 2023-10-24 13:28 - 000008192 __ASH [A9652D6A362608B98C6CD0A6C1947B9B] () C:\ProgramData\Packages\AD2F1837.HPSystemEventUtility_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\30d421d61cc6ae7b_COM15.dat.LOG2
2023-10-24 13:27 - 2023-10-24 13:27 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6
2023-10-24 13:27 - 2023-10-24 13:27 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:27 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-24 13:28 - 2023-11-03 14:57 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-03 14:57 - 2023-11-03 14:57 - 000008192 ____A [0BB9C0DD7032EFDF8981E1A16120B514] () C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\656e35a9d303b031.dat
2023-11-03 14:57 - 2023-11-03 14:57 - 000008192 ____A [0F09FF8CAFD632BEB5BFFD8D586A1821] () C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\656e35a9d303b031_COM15.dat
2023-11-03 14:57 - 2023-11-03 14:57 - 000008192 __ASH [70E0E102319003E5C9DABCC9BA42560C] () C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\656e35a9d303b031_COM15.dat.LOG1
2023-11-03 14:57 - 2023-11-03 14:57 - 000008192 __ASH [66E2875456234B8581D19483A6F01F84] () C:\ProgramData\Packages\AD2F1837.myHP_v10z8vjag6ke6\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\656e35a9d303b031_COM15.dat.LOG2
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_0a9344xs7nr4m
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_0a9344xs7nr4m\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_0a9344xs7nr4m\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\C27EB4BA.DropboxOEM_xbfy0k16fey96
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\C27EB4BA.DropboxOEM_xbfy0k16fey96\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\C27EB4BA.DropboxOEM_xbfy0k16fey96\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Clipchamp.Clipchamp_yxz26nhyzhsrt
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Clipchamp.Clipchamp_yxz26nhyzhsrt\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-25 15:52 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Clipchamp.Clipchamp_yxz26nhyzhsrt\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-25 15:52 - 2023-10-25 15:52 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Clipchamp.Clipchamp_yxz26nhyzhsrt\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-25 15:52 - 2023-11-10 18:04 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Clipchamp.Clipchamp_yxz26nhyzhsrt\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-10 18:04 - 2023-11-10 18:04 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Clipchamp.Clipchamp_yxz26nhyzhsrt\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\e32582f5c80c1eb4.dat
2023-11-10 18:04 - 2023-11-10 18:04 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Clipchamp.Clipchamp_yxz26nhyzhsrt\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\e32582f5c80c1eb4_COM15.dat
2023-11-10 18:04 - 2023-11-10 18:04 - 000008192 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Clipchamp.Clipchamp_yxz26nhyzhsrt\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\e32582f5c80c1eb4_COM15.dat.LOG1
2023-11-10 18:04 - 2023-11-10 18:04 - 000000000 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Clipchamp.Clipchamp_yxz26nhyzhsrt\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\e32582f5c80c1eb4_COM15.dat.LOG2
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.6365217CE6EB4_8wekyb3d8bbwe
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.6365217CE6EB4_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-11-07 20:20 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.6365217CE6EB4_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-11-07 20:20 - 2023-11-07 20:20 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.6365217CE6EB4_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-11-07 20:20 - 2023-11-07 20:20 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.6365217CE6EB4_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-07 20:20 - 2023-11-07 20:20 - 000008192 ____A [73DEE5A81D9645C22226592F780306EE] () C:\ProgramData\Packages\Microsoft.6365217CE6EB4_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\111c1e6dbc5eb5dd.dat
2023-11-07 20:20 - 2023-11-07 20:20 - 000008192 ____A [1EADDB61AF183527BB38117BB65C0C6B] () C:\ProgramData\Packages\Microsoft.6365217CE6EB4_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\111c1e6dbc5eb5dd_COM15.dat
2023-11-07 20:20 - 2023-11-07 20:20 - 000008192 __ASH [516B87FEB03CD9109302EEED6BE8E776] () C:\ProgramData\Packages\Microsoft.6365217CE6EB4_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\111c1e6dbc5eb5dd_COM15.dat.LOG1
2023-11-07 20:20 - 2023-11-07 20:20 - 000000000 __ASH [D41D8CD98F00B204E9800998ECF8427E] () C:\ProgramData\Packages\Microsoft.6365217CE6EB4_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\111c1e6dbc5eb5dd_COM15.dat.LOG2
2023-10-24 13:27 - 2023-10-24 13:27 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe
2023-10-24 13:27 - 2023-10-24 13:27 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:27 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-24 13:28 - 2023-11-15 20:51 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-15 20:51 - 2023-11-15 20:51 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\19f93eb33678afed.dat
2023-11-15 20:51 - 2023-11-15 20:51 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\19f93eb33678afed_COM15.dat
2023-11-15 20:51 - 2023-11-15 20:51 - 000008192 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\19f93eb33678afed_COM15.dat.LOG1
2023-11-15 20:51 - 2023-11-15 20:51 - 000000000 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\19f93eb33678afed_COM15.dat.LOG2
2023-10-24 13:32 - 2023-10-24 13:32 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.GamingApp_8wekyb3d8bbwe
2023-10-24 13:32 - 2023-10-24 13:32 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.GamingApp_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:32 - 2023-10-24 13:32 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.GamingApp_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:19 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe
2023-10-24 13:19 - 2023-10-24 13:45 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1000
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.MixedReality.Portal_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.OneDriveSync_8wekyb3d8bbwe
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.OneDriveSync_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:28 - 2023-10-24 13:33 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.OneDriveSync_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:33 - 2023-10-24 13:33 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.OneDriveSync_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-24 13:33 - 2023-11-21 10:11 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.OneDriveSync_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-21 10:11 - 2023-11-21 10:11 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.OneDriveSync_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\53b5ed3b3ccb794b.dat
2023-11-21 10:11 - 2023-11-21 10:11 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.OneDriveSync_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\53b5ed3b3ccb794b_COM15.dat
2023-11-21 10:11 - 2023-11-21 10:11 - 000008192 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.OneDriveSync_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\53b5ed3b3ccb794b_COM15.dat.LOG1
2023-11-21 10:11 - 2023-11-21 10:11 - 000000000 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.OneDriveSync_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\53b5ed3b3ccb794b_COM15.dat.LOG2
2023-10-27 19:24 - 2023-10-27 19:24 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.OutlookForWindows_8wekyb3d8bbwe
2023-10-27 19:24 - 2023-10-27 19:24 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.OutlookForWindows_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-27 19:24 - 2023-10-27 19:25 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.OutlookForWindows_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-27 19:25 - 2023-10-27 19:25 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.OutlookForWindows_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-27 19:25 - 2023-11-21 12:11 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.OutlookForWindows_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-21 12:11 - 2023-11-21 12:11 - 000008192 ____A [9CAA5221947E50670B7A1E2067D73FC6] () C:\ProgramData\Packages\Microsoft.OutlookForWindows_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\973420de06b6e1a7.dat
2023-11-21 12:11 - 2023-11-21 12:11 - 000008192 ____A [E3DADD03247C92219BC529303358D82B] () C:\ProgramData\Packages\Microsoft.OutlookForWindows_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\973420de06b6e1a7_COM15.dat
2023-11-21 12:11 - 2023-11-21 12:11 - 000008192 __ASH [47DFE899ED2EE2C9B9898837C8EEBA01] () C:\ProgramData\Packages\Microsoft.OutlookForWindows_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\973420de06b6e1a7_COM15.dat.LOG1
2023-11-21 12:11 - 2023-11-21 12:11 - 000000000 __ASH [D41D8CD98F00B204E9800998ECF8427E] () C:\ProgramData\Packages\Microsoft.OutlookForWindows_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\973420de06b6e1a7_COM15.dat.LOG2
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Paint_8wekyb3d8bbwe
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Paint_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Paint_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.ScreenSketch_8wekyb3d8bbwe
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.ScreenSketch_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.ScreenSketch_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Todos_8wekyb3d8bbwe
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Todos_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Todos_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Whiteboard_8wekyb3d8bbwe
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Whiteboard_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Whiteboard_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 21:47 - 2023-10-24 21:47 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Windows.DevHome_8wekyb3d8bbwe
2023-10-24 21:47 - 2023-10-24 21:47 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Windows.DevHome_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 21:47 - 2023-10-24 21:47 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Windows.DevHome_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 18:37 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 18:37 - 2023-10-24 18:37 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-24 18:37 - 2023-11-21 10:56 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-21 10:56 - 2023-11-21 10:56 - 000008192 ____A [5FA58E6059CA2C01348EACEFE6CDD593] () C:\ProgramData\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\23c15634c8bd9aa4.dat
2023-11-21 10:56 - 2023-11-21 10:56 - 000008192 ____A [BD93E1ED6D5C5AC483A0DBC538273A7D] () C:\ProgramData\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\23c15634c8bd9aa4_COM15.dat
2023-11-21 10:56 - 2023-11-21 10:56 - 000008192 __ASH [2BEBD560F920018833665D783B090494] () C:\ProgramData\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\23c15634c8bd9aa4_COM15.dat.LOG1
2023-11-21 10:56 - 2023-11-21 10:56 - 000000000 __ASH [D41D8CD98F00B204E9800998ECF8427E] () C:\ProgramData\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\23c15634c8bd9aa4_COM15.dat.LOG2
2023-10-24 13:43 - 2023-10-24 13:43 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe
2023-10-24 13:43 - 2023-10-24 13:43 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:43 - 2023-10-24 13:43 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsNotepad_8wekyb3d8bbwe
2023-10-24 13:28 - 2023-10-24 13:28 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsNotepad_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:28 - 2023-10-29 10:19 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsNotepad_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-29 10:19 - 2023-10-29 10:19 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsNotepad_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-29 10:19 - 2023-11-10 18:34 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsNotepad_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-10 18:34 - 2023-11-10 18:34 - 000008192 ____A [D83E79D40E7D87E6887F10A73C9C987C] () C:\ProgramData\Packages\Microsoft.WindowsNotepad_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\1ffd25a769c4b9e.dat
2023-11-10 18:34 - 2023-11-10 18:34 - 000008192 ____A [44B6E845434AF382CBF59E0594EFCA9A] () C:\ProgramData\Packages\Microsoft.WindowsNotepad_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\1ffd25a769c4b9e_COM15.dat
2023-11-10 18:34 - 2023-11-10 18:34 - 000008192 __ASH [3D998F6EE5E37466A44EB5F1C0256D8E] () C:\ProgramData\Packages\Microsoft.WindowsNotepad_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\1ffd25a769c4b9e_COM15.dat.LOG1
2023-11-10 18:34 - 2023-11-10 18:34 - 000000000 __ASH [D41D8CD98F00B204E9800998ECF8427E] () C:\ProgramData\Packages\Microsoft.WindowsNotepad_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\1ffd25a769c4b9e_COM15.dat.LOG2
2023-10-24 13:26 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe
2023-10-24 13:26 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:26 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:43 - 2023-10-24 13:43 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe
2023-10-24 13:43 - 2023-10-24 13:43 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:43 - 2023-10-24 13:57 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:57 - 2023-10-24 13:57 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-24 13:57 - 2023-11-10 18:20 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-10 18:20 - 2023-11-10 18:20 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\b32752240afd650b.dat
2023-11-10 18:20 - 2023-11-10 18:20 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\b32752240afd650b_COM15.dat
2023-11-10 18:20 - 2023-11-10 18:20 - 000008192 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\b32752240afd650b_COM15.dat.LOG1
2023-11-10 18:20 - 2023-11-10 18:20 - 000000000 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\b32752240afd650b_COM15.dat.LOG2
2023-10-24 13:43 - 2023-10-24 13:43 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe
2023-10-24 13:43 - 2023-10-24 13:43 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:43 - 2023-10-26 15:51 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-26 15:51 - 2023-10-26 15:51 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-26 15:51 - 2023-11-23 15:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-23 15:44 - 2023-11-23 15:44 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\43cf35c335633bd3.dat
2023-11-23 15:44 - 2023-11-23 15:44 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\43cf35c335633bd3_COM15.dat
2023-11-23 15:44 - 2023-11-23 15:44 - 000008192 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\43cf35c335633bd3_COM15.dat.LOG1
2023-11-23 15:44 - 2023-11-23 15:44 - 000000000 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\43cf35c335633bd3_COM15.dat.LOG2
2023-10-24 13:43 - 2023-10-24 13:43 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe
2023-10-24 13:43 - 2023-10-24 13:43 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:43 - 2023-10-24 13:59 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:59 - 2023-10-24 13:59 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-24 13:59 - 2023-11-21 10:03 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-21 10:03 - 2023-11-21 10:03 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\129e2d07e010994e.dat
2023-11-21 10:03 - 2023-11-21 10:03 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\129e2d07e010994e_COM15.dat
2023-11-21 10:03 - 2023-11-21 10:03 - 000008192 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\129e2d07e010994e_COM15.dat.LOG1
2023-11-21 10:03 - 2023-11-21 10:03 - 000000000 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\Microsoft.YourPhone_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\129e2d07e010994e_COM15.dat.LOG2
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftCorporationII.MicrosoftFamily_8wekyb3d8bbwe
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftCorporationII.MicrosoftFamily_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftCorporationII.MicrosoftFamily_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftCorporationII.QuickAssist_8wekyb3d8bbwe
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftCorporationII.QuickAssist_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:44 - 2023-10-24 13:44 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftCorporationII.QuickAssist_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:15 - 2023-10-24 13:27 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftTeams_8wekyb3d8bbwe
2023-10-24 13:15 - 2023-10-24 13:45 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftTeams_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1000
2023-10-24 13:27 - 2023-10-24 13:27 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftTeams_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:27 - 2023-10-24 13:27 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftTeams_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:27 - 2023-10-24 13:27 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftTeams_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-24 13:27 - 2023-11-17 09:55 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftTeams_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-17 09:55 - 2023-11-17 09:55 - 000008192 ____A [79004B7863DF291041AE1B2DD23DF75B] () C:\ProgramData\Packages\MicrosoftTeams_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\faa556742afc07ea.dat
2023-11-17 09:55 - 2023-11-17 09:55 - 000008192 ____A [7264D6B92D283D233901CF13A061BEF0] () C:\ProgramData\Packages\MicrosoftTeams_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\faa556742afc07ea_COM15.dat
2023-11-17 09:55 - 2023-11-17 09:55 - 000008192 __ASH [FF1AB1104271369CAE32014304B09B73] () C:\ProgramData\Packages\MicrosoftTeams_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\faa556742afc07ea_COM15.dat.LOG1
2023-11-17 09:55 - 2023-11-17 09:55 - 000000000 __ASH [D41D8CD98F00B204E9800998ECF8427E] () C:\ProgramData\Packages\MicrosoftTeams_8wekyb3d8bbwe\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\faa556742afc07ea_COM15.dat.LOG2
2022-07-01 02:02 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy
2022-07-18 05:32 - 2023-10-24 13:08 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\S-1-5-21-2115750115-594766040-3630722290-500
2022-07-18 05:32 - 2022-07-18 05:32 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\S-1-5-21-2115750115-594766040-3630722290-500\SystemAppData
2023-10-24 13:10 - 2023-10-24 13:45 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1000
2023-10-24 13:26 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:26 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2022-07-01 02:02 - 2023-10-24 13:08 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\S-1-5-21-3006725625-433158889-2508568151-500
2022-07-01 02:02 - 2022-07-01 02:02 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\S-1-5-21-3006725625-433158889-2508568151-500\SystemAppData
2022-12-05 11:16 - 2023-10-24 13:08 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\S-1-5-21-3474546831-3399051978-1279552269-500
2022-12-05 11:16 - 2022-12-05 11:16 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\S-1-5-21-3474546831-3399051978-1279552269-500\SystemAppData
2023-10-24 13:10 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy
2023-10-24 13:10 - 2023-10-24 13:45 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1000
2023-10-24 13:26 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 13:26 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData
2023-10-24 13:26 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium
2023-10-24 13:26 - 2023-11-09 18:59 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache
2023-11-09 18:59 - 2023-11-09 18:59 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\3c8c484ff29e349c.dat
2023-11-09 18:59 - 2023-11-09 18:59 - 000008192 ____A [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\3c8c484ff29e349c_COM15.dat
2023-11-09 18:59 - 2023-11-09 18:59 - 000008192 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\3c8c484ff29e349c_COM15.dat.LOG1
2023-11-09 18:59 - 2023-11-09 18:59 - 000000000 __ASH [00000000000000000000000000000000] (Acceso Denegado) C:\ProgramData\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData\Helium\Cache\3c8c484ff29e349c_COM15.dat.LOG2
2023-10-24 14:14 - 2023-10-24 14:14 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\SpotifyAB.SpotifyMusic_zpdnekdrzrea0
2023-10-24 14:14 - 2023-10-24 14:14 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\SpotifyAB.SpotifyMusic_zpdnekdrzrea0\S-1-5-21-2496661861-3415350462-1559059813-1001
2023-10-24 14:14 - 2023-10-24 14:14 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\Packages\SpotifyAB.SpotifyMusic_zpdnekdrzrea0\S-1-5-21-2496661861-3415350462-1559059813-1001\SystemAppData

====== Final de Folder: ======

sandra · 24 Noviembre, 2023 18:13

Hola, @MIXU . Continuo con el informe.

========================= Folder: C:\hp ========================

2022-07-18 15:13 - 2023-10-24 13:07 - 000000000 ___HD [00000000000000000000000000000000] C:\hp\BIN 2022-07-18 05:37 - 2022-05-07 06:19 - 000323584 ____A [788963852D14BD87EA99A5635FBB73B5] (Microsoft Corporation) [Archivo no firmado] C:\hp\BIN\cmd.exe 2022-07-18 05:37 - 2022-07-18 05:37 - 000000371 ____A [2C40978047BCA5BA3BF10D4F3632E689] () C:\hp\BIN\cmdline.cmd 2022-07-18 05:37 - 2022-07-18 05:37 - 000000078 ____A [3D0C9DB067530CD716E24F10E8D55F58] () C:\hp\BIN\precmdline.cmd 2022-07-18 15:13 - 2022-12-05 11:22 - 000005861 ____A [688D36FDC45F4FD23FFB57FD66105BD7] () C:\hp\BIN\RStone.INI 2022-12-05 11:16 - 2022-12-05 11:16 - 000005853 ____A [08C5EF2BE0A040E2086E803276FBEE03] () C:\hp\BIN\rstone_bbv.ini 2022-12-05 11:22 - 2022-12-05 11:22 - 000005861 ____A [688D36FDC45F4FD23FFB57FD66105BD7] () C:\hp\BIN\rstone_bbv2.ini 2022-07-18 05:34 - 2022-07-18 05:34 - 000006572 ____A [24567789D72066A14AE83D9B2A528C73] () C:\hp\BIN\rstone_fbi.ini 2022-07-18 15:15 - 2022-07-18 15:13 - 000006573 ____A [2BC5D0CC41C1BBC321457A6E14B48260] () C:\hp\BIN\RStone1GS.ini 2022-07-18 15:13 - 2022-07-18 15:13 - 000006573 ____A [2BC5D0CC41C1BBC321457A6E14B48260] () C:\hp\BIN\rstone1st.ini 2022-12-05 20:55 - 2022-12-05 20:55 - 000005845 ____A [B192F22B7E86299E27595B5AB599E1CC] () C:\hp\BIN\rstonefupdate.ini 2022-12-05 20:55 - 2022-12-05 20:55 - 000005845 ____A [B192F22B7E86299E27595B5AB599E1CC] () C:\hp\BIN\rstonepatch.ini 2022-07-18 15:22 - 2022-07-18 15:22 - 000006573 ____A [2BC5D0CC41C1BBC321457A6E14B48260] () C:\hp\BIN\rstonepre.ini 2022-12-05 11:21 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\bridge 2022-12-05 11:21 - 2018-04-04 11:57 - 000002390 ____A [195B9DA1656AD32B39BD329B196F0CEA] () C:\hp\bridge\oobe1.txt 2022-12-05 11:21 - 2018-04-04 11:57 - 000000070 ____A [F8D5C2E6B0AE8EF0EFEE18546AAB57A9] () C:\hp\bridge\sub1.txt 2022-07-18 05:37 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare 2022-12-05 11:31 - 2023-10-24 13:26 - 000000086 ____A [31FC5729511C29C32909A2943524D99C] () C:\hp\HPQWare\Setlocale.bat 2022-12-05 11:21 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\bridge 2022-12-05 11:21 - 2018-04-04 11:57 - 000002390 ____A [D23E0ACF9EF02F7473103EAD571CED98] () C:\hp\HPQWare\bridge\oobe4.txt 2022-12-05 11:21 - 2018-04-04 11:57 - 000000070 ____A [89F2D1ECEE177387606E2FE3F5DA4127] () C:\hp\HPQWare\bridge\sub4.txt 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map 2022-07-18 05:39 - 2009-08-05 18:52 - 000002066 ____A [54885DDEA5CE8F122679912F76053F5D] () C:\hp\HPQWare\browser\Accelerators\map\translateactivity.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\ar-xm 2022-07-18 05:39 - 2016-03-21 12:35 - 000001057 ____A [EA51B2DCF241898A3F538F59B2AA46BA] () C:\hp\HPQWare\browser\Accelerators\map\ar-xm\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001847 ____A [AA400693A145256C902475B108A7E29F] () C:\hp\HPQWare\browser\Accelerators\map\ar-xm\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\cs-cz 2022-07-18 05:39 - 2016-03-21 12:36 - 000001044 ____A [414C4CD8F4759967DC4F8C9E6F5F86AB] () C:\hp\HPQWare\browser\Accelerators\map\cs-cz\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001836 ____A [5EF413A76A69FADC1633318011FFCC26] () C:\hp\HPQWare\browser\Accelerators\map\cs-cz\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\da-dk 2022-07-18 05:39 - 2016-03-21 12:36 - 000001032 ____A [32F72700EF7216ACB13D90BD0BFEFB5C] () C:\hp\HPQWare\browser\Accelerators\map\da-dk\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001820 ____A [0A443D59B220AEC1253BB4EA248C0AA1] () C:\hp\HPQWare\browser\Accelerators\map\da-dk\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\de-de 2022-07-18 05:39 - 2016-03-21 12:36 - 000001028 ____A [5FE8D46BC5CE96E27638384261667A59] () C:\hp\HPQWare\browser\Accelerators\map\de-de\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001865 ____A [E4F4821071E891755CC82E801DD0F4C8] () C:\hp\HPQWare\browser\Accelerators\map\de-de\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\el-gr 2022-07-18 05:39 - 2016-03-21 12:36 - 000001048 ____A [DF2A53E276AA58FBEBADB4EC306E31A5] () C:\hp\HPQWare\browser\Accelerators\map\el-gr\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001846 ____A [22816E1973295F5F3BCBBFC41AF7EDA4] () C:\hp\HPQWare\browser\Accelerators\map\el-gr\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\en-en 2022-07-18 05:39 - 2016-03-21 12:36 - 000001023 ____A [999A9055BF615485BDAECC1CD611F1DD] () C:\hp\HPQWare\browser\Accelerators\map\en-en\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001823 ____A [F474274BAFA9399807DE01CF2E87776D] () C:\hp\HPQWare\browser\Accelerators\map\en-en\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\es-es 2022-07-18 05:39 - 2016-03-21 12:36 - 000001040 ____A [E59DC674A4BFE59E0990767BB78683CF] () C:\hp\HPQWare\browser\Accelerators\map\es-es\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001818 ____A [82E80C8851A1B78A3C60FFFA06F964D0] () C:\hp\HPQWare\browser\Accelerators\map\es-es\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\fi-fi 2022-07-18 05:39 - 2016-03-21 12:36 - 000001057 ____A [98753C67D40CDB60C5AA0AE253DDE941] () C:\hp\HPQWare\browser\Accelerators\map\fi-fi\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001835 ____A [910B747EFFB22C696FE21B9F1814455B] () C:\hp\HPQWare\browser\Accelerators\map\fi-fi\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\fr-fr 2022-07-18 05:39 - 2016-03-21 12:36 - 000001065 ____A [84CEF95498F3C359F0F1E1ADA528AB50] () C:\hp\HPQWare\browser\Accelerators\map\fr-fr\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001821 ____A [CD5684A591A5C165738299B48BE32E61] () C:\hp\HPQWare\browser\Accelerators\map\fr-fr\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\he-il 2022-07-18 05:39 - 2016-03-21 12:36 - 000001056 ____A [EC253FCCC8E358B2BA6452A3B56BEF74] () C:\hp\HPQWare\browser\Accelerators\map\he-il\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001835 ____A [41C45E34BAD01A3BC41406E670911CE7] () C:\hp\HPQWare\browser\Accelerators\map\he-il\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\hu-hu 2022-07-18 05:39 - 2016-03-21 12:36 - 000001042 ____A [6E2248FF309C0CB678135CE85AF70302] () C:\hp\HPQWare\browser\Accelerators\map\hu-hu\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001840 ____A [B6DD32D624328EB9D81F0DC2F9BA8C98] () C:\hp\HPQWare\browser\Accelerators\map\hu-hu\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\it-it 2022-07-18 05:39 - 2016-03-21 12:36 - 000001036 ____A [D08B28F884E400F344BD3F066F4613FC] () C:\hp\HPQWare\browser\Accelerators\map\it-it\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001818 ____A [0FB28BBE17EAF57DB3CA35CF96A37F34] () C:\hp\HPQWare\browser\Accelerators\map\it-it\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\ja-jp 2022-07-18 05:39 - 2016-03-21 12:36 - 000001042 ____A [421FBA50E94CF9B79F1CEED7DF14E6AB] () C:\hp\HPQWare\browser\Accelerators\map\ja-jp\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001821 ____A [6937768FD3665DE84D9570ECAFA903BE] () C:\hp\HPQWare\browser\Accelerators\map\ja-jp\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\ko-kr 2022-07-18 05:39 - 2016-03-21 12:36 - 000001033 ____A [52BC8B81EEEBBE139853E47EBEBE1153] () C:\hp\HPQWare\browser\Accelerators\map\ko-kr\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001815 ____A [EED78D27F099F287BDD5E41883BAD109] () C:\hp\HPQWare\browser\Accelerators\map\ko-kr\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\nb-no 2022-07-18 05:39 - 2016-03-21 12:36 - 000001035 ____A [1D0975E4AEE8C27900EC3E4301255205] () C:\hp\HPQWare\browser\Accelerators\map\nb-no\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001821 ____A [F5FD92D8F27CECCDBDD929F191DCA2FC] () C:\hp\HPQWare\browser\Accelerators\map\nb-no\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\nl-nl 2022-07-18 05:39 - 2016-03-21 12:36 - 000001048 ____A [54922F02172572344B3391A5EA55A8F3] () C:\hp\HPQWare\browser\Accelerators\map\nl-nl\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001820 ____A [37FA1CE91939D720D3A6C023244765C8] () C:\hp\HPQWare\browser\Accelerators\map\nl-nl\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\pl-pl 2022-07-18 05:39 - 2016-03-21 12:36 - 000001030 ____A [7E13B7BFD52A91A04D04D1D05A099749] () C:\hp\HPQWare\browser\Accelerators\map\pl-pl\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001834 ____A [0BF2329D3606C5FB3A622EB5909D2C66] () C:\hp\HPQWare\browser\Accelerators\map\pl-pl\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\pt-br 2022-07-18 05:39 - 2016-03-21 12:36 - 000001030 ____A [8432A4B11EA77330FF319F7734588C6B] () C:\hp\HPQWare\browser\Accelerators\map\pt-br\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001822 ____A [6822596E7ECDEA80E3642695DE0BFFDB] () C:\hp\HPQWare\browser\Accelerators\map\pt-br\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\pt-pt 2022-07-18 05:39 - 2016-03-21 12:36 - 000001031 ____A [25138BE1A10C14A2065844904137A002] () C:\hp\HPQWare\browser\Accelerators\map\pt-pt\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001822 ____A [6822596E7ECDEA80E3642695DE0BFFDB] () C:\hp\HPQWare\browser\Accelerators\map\pt-pt\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\ru-ru 2022-07-18 05:39 - 2016-03-21 12:36 - 000001066 ____A [80E695FD59799EA6D3A6347173BD69D6] () C:\hp\HPQWare\browser\Accelerators\map\ru-ru\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001846 ____A [250B574237AB84B7F4B749F15949DBA4] () C:\hp\HPQWare\browser\Accelerators\map\ru-ru\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\sv-se 2022-07-18 05:39 - 2016-03-21 12:36 - 000001026 ____A [879C912FE48FD84687395E8B5D8A6876] () C:\hp\HPQWare\browser\Accelerators\map\sv-se\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001824 ____A [1D3FA15E15FFA26B667B1A080302EB98] () C:\hp\HPQWare\browser\Accelerators\map\sv-se\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\tr-tr 2022-07-18 05:39 - 2016-03-21 12:36 - 000001036 ____A [4A35FEDA5AB96B8975BA090537FB52F8] () C:\hp\HPQWare\browser\Accelerators\map\tr-tr\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001831 ____A [E2D93E8B02922DC5B8A0D61955E87910] () C:\hp\HPQWare\browser\Accelerators\map\tr-tr\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\zh-chs 2022-07-18 05:39 - 2016-03-21 12:36 - 000001031 ____A [FA7A2B93E3D55FE66FD972F8C055F0CC] () C:\hp\HPQWare\browser\Accelerators\map\zh-chs\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001819 ____A [F5057AD20E00C82CF9859891DA17D94F] () C:\hp\HPQWare\browser\Accelerators\map\zh-chs\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\zh-hk 2022-07-18 05:39 - 2016-03-21 12:36 - 000001031 ____A [AA4B1A4212DA6B27536ADB52C15D2FE4] () C:\hp\HPQWare\browser\Accelerators\map\zh-hk\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001822 ____A [7426DD97A47AD04B8CC68EE44E8C18E8] () C:\hp\HPQWare\browser\Accelerators\map\zh-hk\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\browser\Accelerators\map\zh-tw 2022-07-18 05:39 - 2016-03-21 12:36 - 000001031 ____A [AA4B1A4212DA6B27536ADB52C15D2FE4] () C:\hp\HPQWare\browser\Accelerators\map\zh-tw\map_bing.xml 2022-07-18 05:39 - 2009-08-05 18:52 - 000001822 ____A [7426DD97A47AD04B8CC68EE44E8C18E8] () C:\hp\HPQWare\browser\Accelerators\map\zh-tw\translate_bing.xml 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\ar-sa 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\ar-sa\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000192 ____A [5A1AF9E4AC97938E54E510405830D71A] () C:\hp\HPQWare\browser\ar-sa\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\cs-cz 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\cs-cz\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000199 ____A [7BD7DC6F6294CFA6CE8EAFA97BC93A49] () C:\hp\HPQWare\browser\cs-cz\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\da-dk 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\da-dk\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000187 ____A [BB13D66C0E00F6C6E34BFEF97A01AFC9] () C:\hp\HPQWare\browser\da-dk\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\de-de 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\de-de\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000186 ____A [4C93709DE084BC81F98BDD2C7111DF37] () C:\hp\HPQWare\browser\de-de\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\el-gr 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\el-gr\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000188 ____A [C66B9DF37F6DA027495E769B01424B8E] () C:\hp\HPQWare\browser\el-gr\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\en-us 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\en-us\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000184 ____A [18D9D60A81D0F108CCF5D8754F776893] () C:\hp\HPQWare\browser\en-us\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\es-es 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\es-es\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000198 ____A [FE1E00D3F17D0A653BF3FC6245E48BBA] () C:\hp\HPQWare\browser\es-es\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\fi-fi 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\fi-fi\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000215 ____A [AD744AEEA01A61CCDA222880C16165EE] () C:\hp\HPQWare\browser\fi-fi\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\fr-fr 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\fr-fr\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000205 ____A [FB1F46900FBE595AA662E86E5C460FC1] () C:\hp\HPQWare\browser\fr-fr\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\he-il 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\he-il\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000192 ____A [BBADC9898145E0536D723E88541F703D] () C:\hp\HPQWare\browser\he-il\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\hu-hu 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\hu-hu\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000195 ____A [2E06B4B1B33236A1720010F7B68D9275] () C:\hp\HPQWare\browser\hu-hu\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\it-it 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\it-it\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000195 ____A [8EAAEFF8055CADB677E5DE64A5A1C2A1] () C:\hp\HPQWare\browser\it-it\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\ja-jp 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\ja-jp\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000184 ____A [9AAEB2BAE0477BB97EDC4753CE997171] () C:\hp\HPQWare\browser\ja-jp\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\ko-kr 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\ko-kr\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000180 ____A [8D74F5E5AA092492ED1B55A74F466E3A] () C:\hp\HPQWare\browser\ko-kr\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\nb-no 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\nb-no\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000189 ____A [6765266C022D1BEF3030B3B74E08C2D1] () C:\hp\HPQWare\browser\nb-no\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\nl-nl 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\nl-nl\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000196 ____A [07AB298C284219BB9AC7AAF64174410E] () C:\hp\HPQWare\browser\nl-nl\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\pl-pl 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\pl-pl\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000190 ____A [695C10DE07A2838937F5C1F28E3E005B] () C:\hp\HPQWare\browser\pl-pl\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\pt-br 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\pt-br\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000188 ____A [67D7A9939BBA1FEF212AABB08973FB7D] () C:\hp\HPQWare\browser\pt-br\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\pt-pt 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\pt-pt\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000188 ____A [3B14BE90BFD5617F34A038259982B0D4] () C:\hp\HPQWare\browser\pt-pt\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\ru-ru 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\ru-ru\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000199 ____A [63A33B0457F260F583A697B5F05EFED8] () C:\hp\HPQWare\browser\ru-ru\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\sv-se 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\sv-se\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000185 ____A [0FC60A3D5D0622E289192C08937604F1] () C:\hp\HPQWare\browser\sv-se\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\tr-tr 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\tr-tr\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000187 ____A [F4D056B50F63796478CDCA43086BC8BB] () C:\hp\HPQWare\browser\tr-tr\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\zh-cn 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\zh-cn\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000182 ____A [2B92B0B3D6A47227D8376565D4F168D9] () C:\hp\HPQWare\browser\zh-cn\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\zh-hk 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\zh-hk\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000181 ____A [B5483F14D23BD295040540CB06DDF6A4] () C:\hp\HPQWare\browser\zh-hk\All\IEAccelerators.ins 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\zh-tw 2022-07-18 05:39 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\browser\zh-tw\All 2022-07-18 05:39 - 2022-07-18 05:39 - 000000181 ____A [239FD979FDF27534A8E3A772F9198898] () C:\hp\HPQWare\browser\zh-tw\All\IEAccelerators.ins 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost 2022-07-18 05:37 - 2022-06-24 15:28 - 000000868 ____A [463D5A0F9277B0AC9234FEA8DF3AA9E3] () C:\hp\HPQWare\BTBHost\BtBCustomData.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000015507 ____A [0F51078E173F82530C08A9702646F0E1] () C:\hp\HPQWare\BTBHost\BTBHostBBV2.bat 2022-07-18 05:37 - 2022-06-24 15:28 - 000001679 ____A [173766B7F08D1FF6360E9B062BCB4669] () C:\hp\HPQWare\BTBHost\CheckAudioBrand.bat 2022-07-18 05:37 - 2022-06-24 15:28 - 000008835 ____A [018E273B5770152414EBF37C30F5C670] () C:\hp\HPQWare\BTBHost\customData.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000099 ____A [DC2BAADB0DA77FC949F10216894CA450] () C:\hp\HPQWare\BTBHost\customData.ini 2022-07-18 05:37 - 2022-06-24 15:28 - 000209176 ____A [ECD974EB175672EDA81AC5FCBC2558BD] (HP Inc. → Hewlett Packard) C:\hp\HPQWare\BTBHost\Getlocale.exe 2022-07-18 05:37 - 2022-06-24 15:28 - 000000286 ____A [218469087A1E73D2451FEDB047E3AB81] () C:\hp\HPQWare\BTBHost\LayoutModificationDefault.xml 2022-07-18 05:37 - 2022-06-24 15:28 - 000174176 ____A [B1F5DC2F593AE08CE5A6CCC0FCA7FB4A] (HP Inc. → ) C:\hp\HPQWare\BTBHost\MetroXmlProcessor.exe 2022-07-18 05:37 - 2022-06-24 15:28 - 000000819 ____A [16B333CCD87E9E290C1ACBD57B914738] () C:\hp\HPQWare\BTBHost\PinTiles.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000840 ____A [BA5D77AB73BDE7CC8EDFA3552D2225BE] () C:\hp\HPQWare\BTBHost\PinTilesWPE.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000017603 ____A [0EE94349D6B844E74808B1CF02E6D982] () C:\hp\HPQWare\BTBHost\PostWizInstaller.bat 2022-07-18 05:37 - 2022-06-24 15:28 - 000000776 ____A [0BA538A8C67B44CE09CC601D5FDB01C7] () C:\hp\HPQWare\BTBHost\QueryWMI.vbs 2022-07-18 05:37 - 2022-06-24 15:28 - 000000738 ____A [D9A86DE66754C97511FB5DE9749974C2] () C:\hp\HPQWare\BTBHost\RemoveXMLNS.vbs 2022-07-18 05:37 - 2022-06-24 15:28 - 000002255 ____A [5AA36667B3E45FA3B6F47D085CA5F334] () C:\hp\HPQWare\BTBHost\SCMID.bat 2022-07-18 05:37 - 2022-06-24 15:28 - 000000084 ____A [22FF3218FB41B43E1A32AAB113C4A4F1] () C:\hp\HPQWare\BTBHost\SCMID.ini 2022-07-18 05:37 - 2022-12-05 11:31 - 000000199 ____A [73549D11E6BEEBB9A370E3BAC4FB8E2D] () C:\hp\HPQWare\BTBHost\SetCustomVars.bat 2022-07-18 05:37 - 2022-06-24 15:28 - 000016760 ____A [76B9B4CFF0319CD932A90DE10EA34D54] (HP Inc. → ) C:\hp\HPQWare\BTBHost\SetEnv.exe 2022-07-18 05:37 - 2022-06-24 15:28 - 000390800 ____A [82D7CB1A0EE0BC75472B81D0B9F0BB40] (HP Inc. → HP Inc.) C:\hp\HPQWare\BTBHost\StartTileProcessor.exe 2022-12-05 11:31 - 2022-12-05 11:31 - 000000412 ____A [AF07E438915FC3A558CBC02DDF621DEB] () C:\hp\HPQWare\BTBHost\Taskbar.ini 2022-07-18 05:37 - 2022-06-24 15:28 - 000000414 ____A [FBF8E65C4AC370993C6822AB177FED41] () C:\hp\HPQWare\BTBHost\TaskbarLayoutModificationDefault.xml 2022-07-18 05:37 - 2022-06-24 15:28 - 000089464 ____A [26D8AA7329B9958AB06D951CA8D40E27] (HP Inc. → HP Inc.) C:\hp\HPQWare\BTBHost\TaskbarProcessor.exe 2022-12-05 11:31 - 2022-12-05 11:31 - 000002106 ____A [CB8A439BA1507C684EF2B0466891C433] () C:\hp\HPQWare\BTBHost\WizEdgeFav.ini 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\Edu 2022-07-18 05:37 - 2022-06-24 15:28 - 000000035 ____A [66CCFA6F295D975617F8BAD1D26A4031] () C:\hp\HPQWare\BTBHost\Edu\MetroXmlProcessor.ini 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\Edu\Win11SE 2022-07-18 05:37 - 2022-06-24 15:28 - 000000606 ____A [1BBE2D0DC70AD921B446A6ABAB7E8830] () C:\hp\HPQWare\BTBHost\Edu\Win11SE\LayoutModification.json 2022-07-18 05:37 - 2022-06-24 15:28 - 000000677 ____A [48BCEC7CAC8A76BA35567289138A9FC3] () C:\hp\HPQWare\BTBHost\Edu\Win11SE\TaskbarLayoutModification.xml 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\MMD 2022-07-18 05:37 - 2022-06-24 15:28 - 000002117 ____A [30AE3D03C9FF4150C06EED709D45BA92] () C:\hp\HPQWare\BTBHost\MMD\LayoutModification.xml 2022-07-18 05:37 - 2022-06-24 15:28 - 000000718 ____A [8CAD4059FE8CB486CF7ECC9C1E4A5A60] () C:\hp\HPQWare\BTBHost\MMD\TaskbarLayoutModification.xml 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\MMD_ACB 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\MMD_ACB\Win10 2022-07-18 05:37 - 2022-06-24 15:28 - 000001207 ____A [2EE14F49EBF272E158B24B436AD1591B] () C:\hp\HPQWare\BTBHost\MMD_ACB\Win10\LayoutModification.xml 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\MMD_ACB\Win11 2022-07-18 05:37 - 2022-06-24 15:28 - 000000274 ____A [9B844977ABFF024D093273A69086EF15] () C:\hp\HPQWare\BTBHost\MMD_ACB\Win11\LayoutModification.json 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\PBR 2022-07-18 05:37 - 2022-06-24 15:28 - 000006684 ____A [188473DA1DA808BD515FD1CF79306CCC] () C:\hp\HPQWare\BTBHost\PBR\BTBHostB_PBR.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000005898 ____A [77F0F93864CC864F1EAC00C6A3E36D12] () C:\hp\HPQWare\BTBHost\PBR\BTBHostD_PBR.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000002294 ____A [850530C0746984B5B9B601A6D5F3E726] () C:\hp\HPQWare\BTBHost\PBR\ExportRegXML.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000032880 ____A [BF4B61294273C3EA860CE1EEBF22CC8D] (HP Inc. → ) C:\hp\HPQWare\BTBHost\PBR\ReplaceRegString32.exe 2022-07-18 05:37 - 2022-06-24 15:28 - 000195184 ____A [4AD6AE4A689B53C6937DA0872CE1BA80] (HP Inc. → ) C:\hp\HPQWare\BTBHost\PBR\ReplaceRegString64.exe 2022-07-18 05:37 - 2022-06-24 15:28 - 000000635 ____A [2FF106B20E622C18A9A136B35F99F2D2] () C:\hp\HPQWare\BTBHost\PBR\ReplaceString.vbs 2022-12-05 11:31 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\PBR\BTBHost 2022-12-05 11:31 - 2022-12-05 11:31 - 000000805 ____A [7B6AE490F49B3038282D93C4EC0C9ED7] () C:\hp\HPQWare\BTBHost\PBR\BTBHost\LayoutModification.json 2022-12-05 11:31 - 2022-12-05 11:31 - 000000218 ____A [1661FEE552619ED80F2E6C202A7A63C8] () C:\hp\HPQWare\BTBHost\PBR\BTBHost\MFU.ini_0.reg 2022-12-05 11:31 - 2022-12-05 11:31 - 000001208 ____A [1A5E899E413E284D8E43F532983A9E5F] () C:\hp\HPQWare\BTBHost\PBR\BTBHost\Store.ini_0.reg 2022-12-05 11:31 - 2022-12-05 11:31 - 000000877 ____A [802AB459BBD0A0D9A31ABECC6ECA8C3C] () C:\hp\HPQWare\BTBHost\PBR\BTBHost\TaskbarLayoutModification.xml 2022-12-05 11:31 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\PBR\BTBHost\EdgeIcons 2022-12-05 11:31 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\PBR\BTBHost\EdgeIcons\Packages 2022-12-05 11:31 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\PBR\BTBHost\EdgeIcons\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe 2022-12-05 11:31 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\PBR\BTBHost\EdgeIcons\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState 2022-12-05 11:31 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\PBR\BTBHost\EdgeIcons\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles 2022-12-05 11:31 - 2020-06-10 05:02 - 000001658 ____A [F7ED4C5F4FB87EBC284AFB0FB1D0E290] () C:\hp\HPQWare\BTBHost\PBR\BTBHost\EdgeIcons\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles\Adobe.png 2022-12-05 11:31 - 2021-06-16 03:39 - 000008326 ____A [D3A9561B31B9EA10B9A73E8737966318] () C:\hp\HPQWare\BTBHost\PBR\BTBHost\EdgeIcons\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles\Booking.png 2022-12-05 11:31 - 2021-04-01 16:48 - 000001537 ____A [6AEEC28815CE3348AAC6450C5C938F3A] () C:\hp\HPQWare\BTBHost\PBR\BTBHost\EdgeIcons\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState\PinnedTiles\lp.png 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\PBR\RegSrc 2022-07-18 05:37 - 2022-06-24 15:28 - 000000052 ____A [1635143C449A4B69A2445370662EB2D0] () C:\hp\HPQWare\BTBHost\PBR\RegSrc\MFU.ini 2022-07-18 05:37 - 2022-06-24 15:28 - 000000052 ____A [FBE3153CA3F911C4134DA2D17D0566D4] () C:\hp\HPQWare\BTBHost\PBR\RegSrc\Store.ini 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\Signature 2022-07-18 05:37 - 2022-06-24 15:28 - 000000892 ____A [2456090AC0044410D660CE34CECA8F95] () C:\hp\HPQWare\BTBHost\Signature\IE_Settings.reg 2022-07-18 05:37 - 2022-06-24 15:28 - 000000290 ____A [4ADE00D1C76F2BB536CE439665B22892] () C:\hp\HPQWare\BTBHost\Signature\MFU.ini 2022-07-18 05:37 - 2022-06-24 15:28 - 000000300 ____A [60B140D022E6480E2A155FAE6BAA24B9] () C:\hp\HPQWare\BTBHost\Signature\MFU_cNB.ini 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\BTBHost\Signature\RedStone 2022-07-18 05:37 - 2022-06-24 15:28 - 000000194 ____A [74010AA27952B806A766CACBA266BCC4] () C:\hp\HPQWare\BTBHost\Signature\RedStone\MFU.ini 2022-07-18 05:37 - 2022-06-24 15:28 - 000000204 ____A [DE9E7E954C27CF77BAAB9A77105A70DD] () C:\hp\HPQWare\BTBHost\Signature\RedStone\MFU_cNB.ini 2022-12-05 11:25 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\Simplesolitaire 2022-12-05 11:25 - 2020-09-08 15:26 - 000000006 ____A [1202F1609D76C0D8655CF7D7F77A9B70] () C:\hp\HPQWare\Simplesolitaire\CustomDataHP.txt 2022-07-18 05:38 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\TouchpointCustomizer 2022-07-18 05:38 - 2021-09-24 23:52 - 000000765 ____A [EA6ED6B99395E5953522EAE81D82FBE4] () C:\hp\HPQWare\TouchpointCustomizer\Region.ini 2022-07-18 05:38 - 2021-07-29 11:55 - 000002008 ____A [83D3781D8B66F70550478A7BA2674D73] () C:\hp\HPQWare\TouchpointCustomizer\TouchpointCustomizer.csv 2022-07-18 05:38 - 2022-05-26 13:02 - 000406160 ____A [0802E8929BC08E95FA15F22CE3338D00] (HP Inc. → HP Inc.) C:\hp\HPQWare\TouchpointCustomizer\TouchpointCustomizer.exe 2022-07-18 05:38 - 2021-10-04 15:07 - 000002727 ____A [B995487B17C6665FBFAF6C002FFFA2ED] () C:\hp\HPQWare\TouchpointCustomizer\TouchpointCustomizer_WOct21.csv 2022-07-18 05:38 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\TouchpointCustomizer\Win10 2022-07-18 05:38 - 2021-10-13 16:46 - 000000812 ____A [DF1D8AF03F538FD4F7E8F8C95AE5F609] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Edianzu.csv 2022-07-18 05:38 - 2022-03-03 02:17 - 000001470 ____A [8BBC3825D278E37023E2A1491E9720D6] () C:\hp\HPQWare\TouchpointCustomizer\Win10\EDU-WW.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000002648 ____A [4E16F445925FD0F9C4F1B00CE7AE4585] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Envy-APJ-EMEA.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001534 ____A [C6AAF2C033824237D29A1AA89EE50B54] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Envy-BBY.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001490 ____A [584F9087B210893DBF1143A7F70456AF] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Envy-BBYBL.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001776 ____A [C6DD43E37DD38D1A07457B079120EB60] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Envy-China.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001714 ____A [564DE143B181F3DED37A93719099DC1F] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Envy-Costco.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001597 ____A [42A300BAD8B29E396EC8931786EAC184] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Envy-DIX-ELKJOP.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001980 ____A [4885B25F7B19F5A4807FBE78F8E8EF88] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Envy-LATAM.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001970 ____A [B1409F732B4243EE1C74A5E41041BE11] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Envy-NA.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001930 ____A [6ED3E46AD5A4DF35C740D80423252640] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Envy-SAM-WM.csv 2022-07-18 05:38 - 2021-10-13 16:46 - 000001043 ____A [6845322AF65FE8813A445DA889C549AF] () C:\hp\HPQWare\TouchpointCustomizer\Win10\OMEN-China.csv 2022-07-18 05:38 - 2022-03-03 02:18 - 000001210 ____A [031B449C7D30C3CF3D9B39F3258111A2] () C:\hp\HPQWare\TouchpointCustomizer\Win10\OMEN-WW.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000002673 ____A [5FD48F73D727828C4E5B84FCA129F9C7] () C:\hp\HPQWare\TouchpointCustomizer\Win10\OPP-Pavilion-APJ-EMEA.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001821 ____A [580C1351AE88D8BBB2B3F1D65ADBF2E7] () C:\hp\HPQWare\TouchpointCustomizer\Win10\OPP-Pavilion-BBY.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001559 ____A [979856997D15200F73FCC3173584409A] () C:\hp\HPQWare\TouchpointCustomizer\Win10\OPP-Pavilion-BBYBL.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001530 ____A [26054DC0EE17D18A2769CC0FF820609B] () C:\hp\HPQWare\TouchpointCustomizer\Win10\OPP-Pavilion-China.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001773 ____A [2EA9E355B44572C3A97F2323828A2AC9] () C:\hp\HPQWare\TouchpointCustomizer\Win10\OPP-Pavilion-Costco.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001665 ____A [CD17DE674FCBA32660AD797B96B4661F] () C:\hp\HPQWare\TouchpointCustomizer\Win10\OPP-Pavilion-DIX-ELKJOP.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001902 ____A [73BE74D0EA192CF7C5C2CD99084A7070] () C:\hp\HPQWare\TouchpointCustomizer\Win10\OPP-Pavilion-LATAM.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001892 ____A [12274D9CBD80E4EC886A1390F9B7849B] () C:\hp\HPQWare\TouchpointCustomizer\Win10\OPP-Pavilion-NA.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001817 ____A [34A003BDAD7DF4CD114FAB73B5CFB1F4] () C:\hp\HPQWare\TouchpointCustomizer\Win10\OPP-Pavilion-SAM-WM.csv 2022-07-18 05:38 - 2021-12-08 01:26 - 000001339 ____A [596E403B8E10B9BCC146B998DB00A108] () C:\hp\HPQWare\TouchpointCustomizer\Win10\SBSO-Americas.csv 2022-07-18 05:38 - 2022-03-03 02:18 - 000002012 ____A [EC79F3D0E2D98FBFB0BD665A3B2F6124] () C:\hp\HPQWare\TouchpointCustomizer\Win10\SBSO-APJ-China-EMEA.csv 2022-07-18 05:38 - 2021-10-13 16:46 - 000001468 ____A [AFAAE1F16F140A55478FB59111C14F11] () C:\hp\HPQWare\TouchpointCustomizer\Win10\SpectreNB-EnvyAIO-China.csv 2022-07-18 05:38 - 2022-03-03 02:19 - 000001622 ____A [A7839DC24DDB1F89BC39B9892C97947F] () C:\hp\HPQWare\TouchpointCustomizer\Win10\SpectreNB-EnvyAIO-WW.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000000939 ____A [8C062DA947DCF5AFF4F44A9070310114] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Workstation-China.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001492 ____A [748E2B07993F1543BF481BFCE968B5D7] () C:\hp\HPQWare\TouchpointCustomizer\Win10\Workstation-WW.csv 2022-07-18 05:38 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\HPQWare\TouchpointCustomizer\Win11 2022-07-18 05:38 - 2022-05-12 00:40 - 000000975 ____A [A378698B201FFF43B3DDCA4A1E57DE5B] () C:\hp\HPQWare\TouchpointCustomizer\Win11\ARM-China.csv 2022-07-18 05:38 - 2022-06-02 18:38 - 000001763 ____A [522464FE4E2348CB858AC7B7B8AD3238] () C:\hp\HPQWare\TouchpointCustomizer\Win11\ARM-WW.csv 2022-07-18 05:38 - 2021-10-13 12:31 - 000000360 ____A [DCCC4334BBB4ECE0CA3656D276FDAE71] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Edianzu.csv 2022-07-18 05:38 - 2022-05-06 11:30 - 000002133 ____A [BEA5C3D6FFE02CC0F584485E8A53EF44] () C:\hp\HPQWare\TouchpointCustomizer\Win11\EDU-WW.csv 2022-07-18 05:38 - 2022-06-02 18:40 - 000002474 ____A [422CCAE250BBC17E7094F1A398228781] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Envy-APJ-EMEA.csv 2022-07-18 05:38 - 2022-05-13 18:16 - 000001878 ____A [EFAACCF7FA9D29C8AEB607BA3E7542B9] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Envy-China.csv 2022-07-18 05:38 - 2022-06-02 18:40 - 000001861 ____A [2132AE9738E4BA1D59D4BCC5EBC132B9] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Envy-LATAM.csv 2022-07-18 05:38 - 2022-05-19 21:15 - 000002277 ____A [965AE5DED9B849FC081B262361C210B1] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Envy-NA.csv 2022-07-18 05:38 - 2022-06-02 18:30 - 000001555 ____A [A14700523F1246D5D71250BE78A705AE] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OMEN-China.csv 2022-07-18 05:38 - 2022-05-19 13:07 - 000001511 ____A [045745076244B3DDEE155EE00F7BDBF5] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OMEN-WM.csv 2022-07-18 05:38 - 2022-05-25 18:16 - 000001655 ____A [DF6E62684FE9849E197253EDF653821E] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OMEN-WW.csv 2022-07-18 05:38 - 2022-06-02 18:41 - 000002867 ____A [02A8C815B6610DD26522661696D8E565] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OPP-Pavilion-APJ-EMEA.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000002691 ____A [8252E11BC159FA8F813433C68A15581D] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OPP-Pavilion-BBY.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000002223 ____A [A4D3D8BD8259054050C50937BB4C67DE] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OPP-Pavilion-BBYBL.csv 2022-07-18 05:38 - 2022-05-24 17:31 - 000002195 ____A [EC4B0DB0203749A9CCDE50F4E97BA62B] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OPP-Pavilion-China.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000002498 ____A [A2AE55FE868C965BD704D678829295EC] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OPP-Pavilion-Costco.csv 2022-07-18 05:38 - 2022-05-19 21:25 - 000002665 ____A [B72D0987A97061EB50749977196C8765] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OPP-Pavilion-DIX-ELKJOP.csv 2022-07-18 05:38 - 2022-06-02 18:36 - 000002363 ____A [FCA8C9AE914D1B6B0699B5C58CACC983] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OPP-Pavilion-LATAM.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000002569 ____A [C04956591115924BEDF31CDE2C30E601] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OPP-Pavilion-NA.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000002554 ____A [F17F97F2D7A29294799DF0DC533D2CE3] () C:\hp\HPQWare\TouchpointCustomizer\Win11\OPP-Pavilion-SAM-WM.csv 2022-07-18 05:38 - 2022-05-06 11:30 - 000001864 ____A [85B0B78E1CFA2FD273E850BF394777F8] () C:\hp\HPQWare\TouchpointCustomizer\Win11\SBSO-Americas.csv 2022-07-18 05:38 - 2022-05-06 11:30 - 000002091 ____A [E9B3822E7BB0B4243E64CCD34F3F329C] () C:\hp\HPQWare\TouchpointCustomizer\Win11\SBSO-APJ-EMEA.csv 2022-07-18 05:38 - 2022-03-30 23:31 - 000001154 ____A [153B13867482D2B24FC80A30AD9B7931] () C:\hp\HPQWare\TouchpointCustomizer\Win11\SBSO-China.csv 2022-07-18 05:38 - 2022-05-19 21:19 - 000002287 ____A [3308940A4F6DA18B60F19BF8346B879B] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Spectre-Envy-BBY.csv 2022-07-18 05:38 - 2022-05-25 18:18 - 000001933 ____A [B3D4170BF2B94F5B9C6DA8AD4836BC1B] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Spectre-Envy-BBYBL.csv 2022-07-18 05:38 - 2022-05-19 15:44 - 000002208 ____A [211AB8F1CD03035B880EEB3BC4F53816] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Spectre-Envy-Costco.csv 2022-07-18 05:38 - 2022-05-19 15:45 - 000002375 ____A [AA9834475742C0F9F445F800D5D20A07] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Spectre-Envy-DIX-ELKJOP.csv 2022-07-18 05:38 - 2022-05-19 15:43 - 000001971 ____A [2FFCEB1680A1FEF70D75DCB5D1477070] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Spectre-Envy-SAM-WM.csv 2022-07-18 05:38 - 2022-05-13 18:13 - 000001832 ____A [6F0A8E0A627DB67F15DBFF2BEA7693DF] () C:\hp\HPQWare\TouchpointCustomizer\Win11\SpectreNB-EnvyAIO-China.csv 2022-07-18 05:38 - 2022-06-02 18:37 - 000001924 ____A [004FE27A0927D1D14FCA9D6EDF8BF0BF] () C:\hp\HPQWare\TouchpointCustomizer\Win11\SpectreNB-EnvyAIO-LATAM.csv 2022-07-18 05:38 - 2022-06-02 18:37 - 000002027 ____A [DDED6470E75F4ED4DF4AAF6FFDA6809F] () C:\hp\HPQWare\TouchpointCustomizer\Win11\SpectreNB-EnvyAIO-WW.csv 2022-07-18 05:38 - 2022-05-06 15:38 - 000001879 ____A [C7D2F7993F359E488C4BBA8D31BB8CBB] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Tablet-BBY.csv 2022-07-18 05:38 - 2022-05-12 00:54 - 000001534 ____A [158AF4F915FDDC2B5DA231876FD8BE28] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Tablet-China.csv 2022-07-18 05:38 - 2022-05-19 21:28 - 000001926 ____A [6D0B2864BF086CA2C775F0F0E3BFCD2C] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Tablet-DIX-ELKJOP.csv 2022-07-18 05:38 - 2021-10-13 12:31 - 000000430 ____A [BDBF39C850F37FE63BE9BD0E1996B0EA] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Tablet-Edianzu.csv 2022-07-18 05:38 - 2022-06-02 18:41 - 000001879 ____A [C7D2F7993F359E488C4BBA8D31BB8CBB] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Tablet-WW.csv 2022-07-18 05:38 - 2022-05-06 11:27 - 000001038 ____A [8C0B86539164B4EEE060A17307397D2E] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Workstation-China.csv 2022-07-18 05:38 - 2022-05-06 11:30 - 000001680 ____A [1BC17CA4059677ECBA1FF91976F0B08E] () C:\hp\HPQWare\TouchpointCustomizer\Win11\Workstation-WW.csv 2023-10-24 13:26 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\TypedURL 2023-10-24 13:26 - 2023-10-24 13:26 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\TypedURL\Merged 2022-07-18 05:37 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\HPQWare\Util 2022-07-18 05:37 - 2022-06-24 15:28 - 000000808 ____A [24ED7F33C3F0BE8D62330FA24C762FE4] () C:\hp\HPQWare\Util\AttributeQuery5Gwwan.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000366 ____A [E86D82CC9CACC36BCDA59F3C7226F8F4] () C:\hp\HPQWare\Util\AttributeQueryBuildCycle.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000005295 ____A [2812FAABA9080AA15C70F82BAC9E6BE6] () C:\hp\HPQWare\Util\AttributeQueryBusinessAndDeviceType.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000005587 ____A [F2E64CF39AA63E00FEC97699A2227187] () C:\hp\HPQWare\Util\AttributeQueryChannelID.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000893 ____A [866D1296EDD0FA1B023C95143CEB338E] () C:\hp\HPQWare\Util\AttributeQueryChannelType.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000001032 ____A [79E745A0D24FE3467A35545C1A87FB69] () C:\hp\HPQWare\Util\AttributeQueryChassisSubType.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000001670 ____A [AD7ACC76DB1ED81595CB736E5F129109] () C:\hp\HPQWare\Util\AttributeQueryChassisType.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000292 ____A [EA43BBCF531D26881FA3F64B5F1DA4DE] () C:\hp\HPQWare\Util\AttributeQueryCompactOS.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000501 ____A [C1AD2AE250A99D786751F45B72ACEF72] () C:\hp\HPQWare\Util\AttributeQueryCorporate.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000009538 ____A [C731CF76ECC48F3A29406388B9608FE9] () C:\hp\HPQWare\Util\AttributeQueryDiskInfo.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000006067 ____A [CBCC349CB8D066915F960C9382F906D1] () C:\hp\HPQWare\Util\AttributeQueryDismLib.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000005896 ____A [A587FF3D2552B99F9E859F805E4A4751] () C:\hp\HPQWare\Util\AttributeQueryDPK.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000477 ____A [556A11D9335D7290A843576DC73904EE] () C:\hp\HPQWare\Util\AttributeQueryeService.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000729 ____A [E3CE88489E42349EB7B1D33194A51C59] () C:\hp\HPQWare\Util\AttributeQueryFullProdName.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000690 ____A [EF9E98740CE463BAA04FFA80CC3A231C] () C:\hp\HPQWare\Util\AttributeQueryHugo.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000001973 ____A [5757A10DEBA3C5D83A1AA79C207A5CAE] () C:\hp\HPQWare\Util\AttributeQueryHWCycle.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000001255 ____A [C90052A04051F6EBB5E5CDD8F49934CC] () C:\hp\HPQWare\Util\AttributeQueryImageCycle.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000388 ____A [8BF435AAB8717B4338DF213B0BCB06A7] () C:\hp\HPQWare\Util\AttributeQueryLanguageCode.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000440 ____A [0871B32E435C8891C903CFC46A7F83D5] () C:\hp\HPQWare\Util\AttributeQueryLifeLine.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000001469 ____A [3C84A6ADC08A67ADBC33B0712665B244] () C:\hp\HPQWare\Util\AttributeQueryMcAfeeLength.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000001494 ____A [9BA72DE0F95B969A31BE94D3E8265D4E] () C:\hp\HPQWare\Util\AttributeQueryNortonLength.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000001295 ____A [BBAE21603EF0DE86C293CA537ADEFB29] () C:\hp\HPQWare\Util\AttributeQueryNW.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000010726 ____A [52DF3FE613C394FC9FD2850F135C2306] () C:\hp\HPQWare\Util\AttributeQueryOfficeProd.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000433 ____A [764C1D6B859073796BFEBA7C541C7A37] () C:\hp\HPQWare\Util\AttributeQueryOptane.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000303 ____A [8977099AE640B3E367EE8322C46EC02B] () C:\hp\HPQWare\Util\AttributeQueryOSArchitecture.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000317 ____A [7D03053406BB9AD4D12626C710A26284] () C:\hp\HPQWare\Util\AttributeQueryOSBuildVersion.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000680 ____A [E89E94DEB95FF646AE770534053C6404] () C:\hp\HPQWare\Util\AttributeQueryPenSku.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000592 ____A [ED9B0CDC8BAC424217D1FEEC18AADBEF] () C:\hp\HPQWare\Util\AttributeQueryPinProcess.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000011469 ____A [2ECFED71ACE188AE9F769E988D3A731C] () C:\hp\HPQWare\Util\AttributeQueryPlatformSegment.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000370 ____A [5CF0C5AB1FF3C246B9E770F00E7BDF3E] () C:\hp\HPQWare\Util\AttributeQueryProdNumber.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000242 ____A [FFF6CEBACF29091CECA128E29987A42F] () C:\hp\HPQWare\Util\AttributeQueryRegionCode.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000400 ____A [2DA9E3EC22A7F384F674D8B4BDF4C258] () C:\hp\HPQWare\Util\AttributeQueryRStoneSupportBrand.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000963 ____A [C1630293D11E34691EE4001A8C2107E4] () C:\hp\HPQWare\Util\AttributeQuerySku.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000439 ____A [D42605635EC39D37F6E27502BE6340C9] () C:\hp\HPQWare\Util\AttributeQuerySMode.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000002281 ____A [6CCA341BE82DF6F921A64B7C46BA1898] () C:\hp\HPQWare\Util\AttributeQuerySupportBrand.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000374 ____A [009D4DE271BECCEDDA800DF66A185AA0] () C:\hp\HPQWare\Util\AttributeQuerySystemID.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000000517 ____A [61B8E6315A83E82B99FABB34B710D0B4] () C:\hp\HPQWare\Util\AttributeQueryWinSE.cmd 2022-07-18 05:37 - 2022-06-24 15:28 - 000094720 ____A [C292C5FBD03764FDE54938D141737292] (HP Inc.) [Archivo no firmado] C:\hp\HPQWare\Util\disktype_x64.exe 2022-07-18 05:37 - 2022-06-24 15:28 - 000103424 ____A [E213B0560DA69D0077209D7467574D21] (HP Inc.) [Archivo no firmado] C:\hp\HPQWare\Util\disktype_x86.exe 2022-07-18 05:37 - 2022-06-24 15:28 - 000000512 ____A [3172E48674634E40519565C5CD97BC21] () C:\hp\HPQWare\Util\QueryWMI.vbs 2022-07-18 05:37 - 2022-06-24 15:28 - 000012464 ____A [864AFDAEEBC2312B13B5AA9CD9976F57] (HP Inc. → ) C:\hp\HPQWare\Util\WMIQuery.exe 2022-12-05 11:17 - 2023-10-24 13:07 - 000000000 ____D [00000000000000000000000000000000] C:\hp\McAfeeRules 2022-12-05 11:17 - 2021-04-20 12:38 - 000005805 ____A [CE263B5F904F430F342D8E77ABB5D2A0] () C:\hp\McAfeeRules\con_NBrule.ini 2022-12-05 11:17 - 2022-12-05 11:17 - 000000334 ____A [D23AB1E92BE1ED32FB7FC8A06686B4F5] () C:\hp\McAfeeRules\mcParameter.cmd 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206 2022-12-05 21:00 - 2022-06-27 12:21 - 000000078 ____A [6A41C0AF2296BB798A611EF79BEB1FFD] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\FAILURE.FLG 2022-12-05 21:00 - 2022-04-25 23:52 - 000001061 ____A [D73B0C986387B2F9CE440F1FD35D500C] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\install.cmd 2022-12-05 21:00 - 2022-06-27 12:21 - 000000676 ____A [D8B40704219F75F529EDE65824D98227] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\P0131SB2.bto 2022-12-05 21:00 - 2022-06-27 14:30 - 000086006 ____A [A86C34B3F97B7CAABBED7B2A6564A404] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\P0131SB2.cva 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src 2022-12-05 21:00 - 2022-05-12 16:23 - 000000095 ____A [AC7E106513108C5E458C938258E3A312] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\DrvInfOff.flg 2022-12-05 21:00 - 2022-05-25 17:19 - 000008900 ____A [7E69FDBD1A12F31B9C334BFCF7F39F50] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\installdrv.cmd 2022-12-05 21:00 - 2022-04-25 10:34 - 000001811 ____A [0FC506DDB437CD8153D7985978FBC325] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Uninstall.cmd 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers 2022-12-05 21:00 - 2022-03-01 20:05 - 000003516 ____A [B41EBBAAB17B9E9F4835ADCC8E89B614] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\InstallDriver.cmd 2022-12-05 21:00 - 2022-03-01 20:05 - 000010371 ____A [F6DCEF35B8E69B603E20125B88C003D8] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\UninstallDriver.cmd 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\DPInst 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\DPInst\X64 2022-12-05 21:00 - 2018-03-16 12:07 - 000100704 ____A [C7C02186165E69DB38EF965949BE5077] (Realtek Semiconductor Corp. → Microsoft Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\DPInst\X64\devcon.exe 2022-12-05 21:00 - 2018-04-11 16:25 - 001049088 ____A [0BADEC7E3E51C9DB9FE602ADE77FC7A8] (Microsoft Windows Hardware Compatibility Publisher → Microsoft Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\DPInst\X64\DPInst.exe 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\DPInst\X86 2022-12-05 21:00 - 2018-03-16 12:07 - 000094560 ____A [D312AE5459DB57CA7F9837143F93BAEF] (Realtek Semiconductor Corp. → Microsoft Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\DPInst\X86\devcon.exe 2022-12-05 21:00 - 2018-04-11 16:25 - 000923648 ____A [A50B6902B011F116984D113CA5549957] (Microsoft Windows Hardware Compatibility Publisher → Microsoft Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\DPInst\X86\DPInst.exe 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Version 2022-12-05 21:00 - 2018-04-17 17:03 - 000197120 ____A [5EAFC069E0ECDCD24B06C3E74B86692C] (Realtek Semiconductor Corp.) [Archivo no firmado] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Version\RTKModuleVersion.exe 2022-12-05 21:00 - 2022-06-02 17:51 - 000012800 ____A [A6B971DF9C45B6113BE4883955C854DD] (Realtek) [Archivo no firmado] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Version\RTLWVern.dll 2022-12-05 21:00 - 2018-04-17 17:03 - 002049536 ____A [BB927A78028A31890FE125C9ACEA3019] (TODO: ) [Archivo no firmado] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Version\wlanCliDLL.dll 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64 2022-12-05 21:00 - 2021-12-28 00:58 - 000021849 ____A [B7B33D975562677B4E8D5E6F12A2A19C] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\netrtwlane.cat 2022-12-05 21:00 - 2021-12-28 00:47 - 000576504 ____A [416D5A4321C860B15B95916AD49C5CC1] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\netrtwlane.inf 2022-12-05 21:00 - 2020-07-27 10:26 - 000038869 ____A [FA20FD574DC82B500E029F0DC893AD08] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\netrtwlane02.cat 2022-12-05 21:00 - 2020-07-27 02:14 - 000655726 ____A [40A92AE8A9B615326E0758CE78862D12] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\netrtwlane02.inf 2022-12-05 21:00 - 2022-06-01 06:16 - 000014464 ____A [8CA3F9FC9F50B01A25AA95FC997BC122] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\netrtwlane6.cat 2022-12-05 21:00 - 2022-05-31 22:04 - 000430392 ____A [DA94D6EFA6964EB9AC207564CFD7790B] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\netrtwlane6.inf 2022-12-05 21:00 - 2022-05-25 21:49 - 000013546 ____A [698888A7F50D10B33CE5990AB9BDF7FF] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\netrtwlane601.cat 2022-12-05 21:00 - 2022-05-25 20:21 - 000424166 ____A [670F5D2B6C4DEADCC5E5EADFA29C65ED] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\netrtwlane601.inf 2022-12-05 21:00 - 2022-05-29 22:44 - 000012800 ____A [F7058321F46AC2A4A679CCF449618275] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\netrtwlane602.cat 2022-12-05 21:00 - 2022-05-29 22:34 - 000341194 ____A [BC7D952888260DCA2404E5BA6C9DAA14] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\netrtwlane602.inf 2022-12-05 21:00 - 2021-12-28 00:58 - 000826936 ____A [85A449CA17F87FF2958B95FE66F4A6ED] (Realtek Semiconductor Corp. → Realtek Semiconductor Corp.) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\RtkWiFiManServ.exe 2022-12-05 21:00 - 2021-12-28 00:47 - 000241272 ____A [C54D7FD5F35420EBC0975949E1854DCF] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\rtldata.txt 2022-12-05 21:00 - 2020-07-27 02:14 - 000094129 ____A [A5C43078509F03B140BDF346B3E69FE6] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\rtldata02.txt 2022-12-05 21:00 - 2022-05-31 22:04 - 000317490 ____A [719A983B40CE3A1318D6B490DCEF904F] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\rtldata60.txt 2022-12-05 21:00 - 2022-05-25 20:21 - 000394771 ____A [984F16F7B2B75315C52DF51277FB2DD2] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\rtldata601.txt 2022-12-05 21:00 - 2022-05-29 22:34 - 000140716 ____A [FB0222B0A2DE743421CAE90B341B7FAD] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\rtldata602.txt 2022-12-05 21:00 - 2022-05-29 22:44 - 001184728 ____A [A1117F6D3C0F1B90EB4D537FE9080F68] (Realtek Semiconductor Corp. → Realtek Semiconductor Corp.) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\Rtlihvs.dll 2022-12-05 21:00 - 2021-12-28 00:58 - 011807280 ____A [D282A49B94C4F6EF59B84C98FB635CAF] (Realtek Semiconductor Corp. → Realtek Semiconductor Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\rtwlane.sys 2022-12-05 21:00 - 2020-07-27 10:26 - 009634008 ____A [69421B3CA476DB26D76DDC3915E7A7B0] (Realtek Semiconductor Corp. → Realtek Semiconductor Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\rtwlane02.sys 2022-12-05 21:00 - 2022-06-01 06:16 - 006302168 ____A [0517D27E0A54F454F56831FAC59A32B0] (Realtek Semiconductor Corp. → Realtek Semiconductor Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\rtwlane6.sys 2022-12-05 21:00 - 2022-05-25 21:49 - 009094664 ____A [154AA21BDE82AB38B5E4C5561C328A3D] (Realtek Semiconductor Corp. → Realtek Semiconductor Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\rtwlane601.sys 2022-12-05 21:00 - 2022-05-29 22:44 - 010461136 ____A [3D9506000E2F6C3C5BB73D1DF2D774E1] (Realtek Semiconductor Corp. → Realtek Semiconductor Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X64\rtwlane602.sys 2022-12-05 21:00 - 2023-10-24 13:07 - 000000000 ___AD [00000000000000000000000000000000] C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86 2022-12-05 21:00 - 2021-12-28 00:58 - 000021803 ____A [C9DAC211C6FB21BE51083157C91A7B22] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\netrtwlane.cat 2022-12-05 21:00 - 2021-12-28 00:47 - 000576488 ____A [4B5828043B43F784F2559DF0DF188887] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\netrtwlane.inf 2022-12-05 21:00 - 2020-07-27 10:26 - 000038844 ____A [DE23BCBA1BB3E0F5E07789092AED84FE] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\netrtwlane02.cat 2022-12-05 21:00 - 2020-07-27 02:14 - 000655710 ____A [5ADB80C069E25C78E1BBD19B70DB85F6] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\netrtwlane02.inf 2022-12-05 21:00 - 2021-12-24 01:20 - 000014420 ____A [A2B76CDC32B8DE131787BA6668DF42D2] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\netrtwlane6.cat 2022-12-05 21:00 - 2021-12-24 01:10 - 000430254 ____A [D5E358E3AF34F498781F309E608A0D3D] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\netrtwlane6.inf 2022-12-05 21:00 - 2022-01-20 04:28 - 000012333 ____A [2DC06A698E564252042CB70925C372CB] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\netrtwlane601.cat 2022-12-05 21:00 - 2022-01-20 04:17 - 000397794 ____A [A123672578C42BCDB63D05947F02223E] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\netrtwlane601.inf 2022-12-05 21:00 - 2021-12-28 00:58 - 000826936 ____A [C357E737427C6FCF3FED6ADADC93008D] (Realtek Semiconductor Corp. → Realtek Semiconductor Corp.) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\RtkWiFiManServ.exe 2022-12-05 21:00 - 2021-12-28 00:47 - 000241272 ____A [C54D7FD5F35420EBC0975949E1854DCF] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\rtldata.txt 2022-12-05 21:00 - 2020-07-27 02:14 - 000094129 ____A [A5C43078509F03B140BDF346B3E69FE6] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\rtldata02.txt 2022-12-05 21:00 - 2021-12-24 01:10 - 000317490 ____A [719A983B40CE3A1318D6B490DCEF904F] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\rtldata60.txt 2022-12-05 21:00 - 2022-01-20 04:17 - 000317490 ____A [719A983B40CE3A1318D6B490DCEF904F] () C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\rtldata601.txt 2022-12-05 21:00 - 2021-12-28 00:58 - 009783864 ____A [733F2241D5CD4099FF8F53EAEC448C45] (Realtek Semiconductor Corp. → Realtek Semiconductor Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\rtwlane.sys 2022-12-05 21:00 - 2020-07-27 10:26 - 007881944 ____A [BBBD5C29E6F5960EE081E7609D9D621A] (Realtek Semiconductor Corp. → Realtek Semiconductor Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\rtwlane02.sys 2022-12-05 21:00 - 2021-12-24 01:20 - 005684320 ____A [4020BFFEF630AE553B0289F1814EF61A] (Realtek Semiconductor Corp. → Realtek Semiconductor Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\rtwlane6.sys 2022-12-05 21:00 - 2022-01-20 04:28 - 008017808 ____A [C6E16C397B5575927CE5D659B9C7CE91] (Realtek Semiconductor Corp. → Realtek Semiconductor Corporation) C:\hp\Network_Driver\REALTEK\RealtekRT_331SB2\1.0.0.206\src\Drivers\RTWLANE_Driver\Win10X86\rtwlane601.sys

====== Final de Folder: ======

sandra · 24 Noviembre, 2023 18:15

Hola, @MIXU. Este es el último.

========================= Folder: C:\ProgramData\McInstTemp0218891670236073 ========================

2022-12-05 11:27 - 2022-02-19 04:40 - 000913112 ____A [70031F73095FDDA333A4D8D0DD8EC14D] (McAfee, LLC → McAfee, LLC) C:\ProgramData\McInstTemp0218891670236073\McInst.exe

====== Final de Folder: ======

========================= File: C:\WINDOWS\system32\Drivers\gen3p1pkey.dat;C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk;C:\WINDOWS\system32\ctac.json;C:\WINDOWS\SysWOW64\ctac.json;C:\WINDOWS\system32\hologramcompositor.lock;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json;C:\System.sav;C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe;C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe ========================

C:\WINDOWS\system32\Drivers\gen3p1pkey.dat Archivo no firmado MD5: 6386092BD4CABCE186E9DAF274ABD52B Fecha de creación y modificación: 2023-10-24 13:05 - 2020-07-21 17:44 Tamaño: 000028652 Atributos: ----A Nombre de la compañía: Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: [VirusTotal](https://www.virustotal.com/gui/file/b3cd08e1b900584f88a74fe40719abe6fb6d4d74ace2a9f5120edcdfdd64e3b7/detection/f-b3cd08e1b900584f88a74fe40719abe6fb6d4d74ace2a9f5120edcdfdd64e3b7-1680295176)

“C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk” => no encontrado C:\WINDOWS\system32\ctac.json Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package02~31bf3856ad364e35~amd64~~10.0.22621.2506.cat El archivo está firmado digitalmente MD5: 2A6B98AB4BA1564950C4779EFD7944E5 Fecha de creación y modificación: 2023-10-24 22:54 - 2023-10-24 22:54 Tamaño: 000060462 Atributos: ----A Nombre de la compañía: Microsoft Windows → Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: [VirusTotal](https://www.virustotal.com/gui/file/7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352/detection/f-7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352-1696771721)

C:\WINDOWS\SysWOW64\ctac.json Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package02~31bf3856ad364e35~amd64~~10.0.22621.2506.cat El archivo está firmado digitalmente MD5: 2A6B98AB4BA1564950C4779EFD7944E5 Fecha de creación y modificación: 2023-10-24 22:54 - 2023-10-24 22:54 Tamaño: 000060462 Atributos: ----A Nombre de la compañía: Microsoft Windows → Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: [VirusTotal](https://www.virustotal.com/gui/file/7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352/detection/f-7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352-1696771721)

C:\WINDOWS\system32\hologramcompositor.lock Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Holographic-Desktop-Analog-FOD-merged-Package~31bf3856ad364e35~amd64~~10.0.22621.2506.cat El archivo está firmado digitalmente MD5: B5B635E1B7F17EBAD35652123FE6AA54 Fecha de creación y modificación: 2023-10-24 22:52 - 2022-05-06 22:02 Tamaño: 000000002 Atributos: ----A Nombre de la compañía: Microsoft Windows → Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: [VirusTotal](https://www.virustotal.com/gui/file/6b6daa8334bbcc8f6b5906b6c04be041d92700b74024f73f50e0a9f0dae5f06f/detection/f-6b6daa8334bbcc8f6b5906b6c04be041d92700b74024f73f50e0a9f0dae5f06f-1390828473)

C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.22621.2506.cat El archivo está firmado digitalmente MD5: 3716A431346037491C900A3221708905 Fecha de creación y modificación: 2023-10-29 10:58 - 2023-10-29 10:58 Tamaño: 000016240 Atributos: ----A Nombre de la compañía: Microsoft Windows → Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: [VirusTotal](https://www.virustotal.com/gui/file/04a187aa6bfd80c533c871115551bb1a16ba73fe14c7f5d1a48fa8f602ec3372/detection/f-04a187aa6bfd80c533c871115551bb1a16ba73fe14c7f5d1a48fa8f602ec3372-1699320425)

C:\System.sav [symlink → C:\Recovery\OEM\LOGS\SYSTEM.SAV] Archivo no firmado MD5: [symlink → C:\Recovery\OEM\LOGS\SYSTEM.SAV] Fecha de creación y modificación: 2023-10-24 23:00 - 2023-10-24 23:00 Tamaño: 000000000 Atributos: --HDL Nombre de la compañía: Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: 0-byte

C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.cat El archivo está firmado digitalmente MD5: 2D5CD67E62BF7F09EBA5B5B4E834E7A1 Fecha de creación y modificación: 2023-09-25 03:32 - 2023-09-25 03:32 Tamaño: 000833488 Atributos: ----A Nombre de la compañía: HP Inc. → HP Inc. Interno Nombre: BridgeCommunication.exe Original Nombre: BridgeCommunication.exe Producto: BridgeCommunication Descripción: Archivo Versión: 1.60.3467.0 Producto Versión: 1.60.3467.0 Copyright: Copyright (c) 2018 HP Development Company, L.P. VirusTotal: [VirusTotal](https://www.virustotal.com/gui/file/f6dc076f91ecb5e495a03d572d8e6e7fb1b39f2732bd279427fc4b4f33dc22ce/detection/f-f6dc076f91ecb5e495a03d572d8e6e7fb1b39f2732bd279427fc4b4f33dc22ce-1700766645)

C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem61.cat El archivo está firmado digitalmente MD5: ACEF04356419D39ACA18C8A07E5A8312 Fecha de creación y modificación: 2023-01-11 01:25 - 2023-01-11 01:25 Tamaño: 000940416 Atributos: ----A Nombre de la compañía: Advanced Micro Devices Inc. → AMD Interno Nombre: ATIECLXX.EXE Original Nombre: ATIECLXX.EXE Producto: AMD External Events Descripción: AMD External Events Client Module Archivo Versión: 6.14.11.1290 Producto Versión: 6.14.11.1290 Copyright: Copyright © 2008-2009 AMD VirusTotal: [VirusTotal](https://www.virustotal.com/gui/file/3b46a0f4a440a69f7484373840dc05d884e123b6491c75ed10185f4d4f088648/detection/f-3b46a0f4a440a69f7484373840dc05d884e123b6491c75ed10185f4d4f088648-1694196424)

====== Final de File: ======

========================= File: %systemroot%\system32\MusNotification.exe ========================

“%systemroot%\system32\MusNotification.exe” => no encontrado ====== Final de File: ======

VirusTotal: C:\WINDOWS\system32\Drivers\gen3p1pkey.dat => [VirusTotal](https://www.virustotal.com/gui/file/b3cd08e1b900584f88a74fe40719abe6fb6d4d74ace2a9f5120edcdfdd64e3b7/detection/f-b3cd08e1b900584f88a74fe40719abe6fb6d4d74ace2a9f5120edcdfdd64e3b7-1680295176) “VirusTotal: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk” => no encontrado VirusTotal: C:\WINDOWS\system32\ctac.json => [VirusTotal](https://www.virustotal.com/gui/file/7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352/detection/f-7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352-1696771721) VirusTotal: C:\WINDOWS\SysWOW64\ctac.json => [VirusTotal](https://www.virustotal.com/gui/file/7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352/detection/f-7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352-1696771721) VirusTotal: C:\WINDOWS\system32\hologramcompositor.lock => [VirusTotal](https://www.virustotal.com/gui/file/6b6daa8334bbcc8f6b5906b6c04be041d92700b74024f73f50e0a9f0dae5f06f/detection/f-6b6daa8334bbcc8f6b5906b6c04be041d92700b74024f73f50e0a9f0dae5f06f-1390828473) VirusTotal: C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json => [VirusTotal](https://www.virustotal.com/gui/file/04a187aa6bfd80c533c871115551bb1a16ba73fe14c7f5d1a48fa8f602ec3372/detection/f-04a187aa6bfd80c533c871115551bb1a16ba73fe14c7f5d1a48fa8f602ec3372-1699320425) VirusTotal: C:\System.sav => [symlink → C:\Recovery\OEM\LOGS\SYSTEM.SAV] VirusTotal: C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe => [VirusTotal](https://www.virustotal.com/gui/file/f6dc076f91ecb5e495a03d572d8e6e7fb1b39f2732bd279427fc4b4f33dc22ce/detection/f-f6dc076f91ecb5e495a03d572d8e6e7fb1b39f2732bd279427fc4b4f33dc22ce-1700766645) VirusTotal: C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe => [VirusTotal](https://www.virustotal.com/gui/file/3b46a0f4a440a69f7484373840dc05d884e123b6491c75ed10185f4d4f088648/detection/f-3b46a0f4a440a69f7484373840dc05d884e123b6491c75ed10185f4d4f088648-1694196424) “VirusTotal: %systemroot%\system32\MusNotification.exe” => no encontrado C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe => No se encontró ningún proceso en ejecución “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}” => eliminado correctamente “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}” => eliminado correctamente C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => movido correctamente “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker” => eliminado correctamente Edge DefaultProfile: Default => Error: Ninguna corrección automática encontrada para esta entrada.

“C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default” carpeta mover:

C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default => movido correctamente Edge Extension: (Edge relevant text changes) - C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-24] => Error: Ninguna corrección automática encontrada para esta entrada. Edge Extension: (SpyHunter® Web Security) - C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njlbddfaminajpokdojoimbcbaaboohm [2023-10-24] => Error: Ninguna corrección automática encontrada para esta entrada. EsgShKernel => servicio no encontrado. ShMonitor => servicio no encontrado.

“C:$WinREAgent” carpeta mover:

C:$WinREAgent => movido correctamente “C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk” => no encontrado “C:\sh5ldr” => no encontrado “C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft” => no encontrado “C:\ProgramData\EnigmaSoft Limited” => no encontrado

“C:$SysReset” carpeta mover:

C:$SysReset => movido correctamente

“C:\ProgramData\McInstTemp0218891670236073” carpeta mover:

C:\ProgramData\McInstTemp0218891670236073 => movido correctamente HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => eliminado correctamente HKLM\Software\Classes\CLSID{5E2121EE-0300-11D4-8D3B-444553540000} => eliminado correctamente “C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe” => no encontrado “C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe” => no encontrado “C:\Program Files\EnigmaSoft\SpyHunter” => no encontrado “C:\Program Files\EnigmaSoft” => no encontrado

========= ipconfig /flushdns =========

Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========

========= ipconfig /renew =========

Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 1 mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 2 mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de rea local* 1:

Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . :

Adaptador de LAN inal mbrica Conexi¢n de rea local* 2:

Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . :

Adaptador de LAN inal mbrica Wi-Fi:

Sufijo DNS espec¡fico para la conexi¢n. . : Home V¡nculo: direcci¢n IPv6 local. . . : fe80::6c2b:5d51:e226:a7ef%10 Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.128 M scara de subred . . . . . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Conexi¢n de red Bluetooth:

Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . :

========= Final de CMD: =========

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 BITS administration utility. (C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========

========= netsh winsock reset =========

El cat logo Winsock se restableci¢ correctamente. Debe reiniciar el equipo para completar el restablecimiento.

========= Final de CMD: =========

========= netsh advfirewall reset =========

Aceptar

========= Final de CMD: =========

========= netsh advfirewall set allprofiles state ON =========

Aceptar

========= Final de CMD: =========

========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado.

se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n.

========= Final de CMD: =========

========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado.

se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n.

========= Final de CMD: =========

========= RemoveProxy: =========

“HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings” => eliminado correctamente “HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings” => eliminado correctamente “HKU\S-1-5-21-2496661861-3415350462-1559059813-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings” => eliminado correctamente “HKU\S-1-5-21-2496661861-3415350462-1559059813-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings” => eliminado correctamente

========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente Hosts restaurado correctamente.

=========== EmptyTemp: ==========

FlushDNS => completado BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28479161 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B Windows/system/drivers => 17741434 B Edge => 0 B Chrome => 573119414 B Firefox => 0 B Opera => 0 B

Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 10843264 B sandr => 124617963 B

RecycleBin => 17418629 B EmptyTemp: => 736.4 MB datos temporales eliminados.

================================

El sistema necesita reiniciarse.

==== Final de Fixlog 18:44:56 ====

MIXU · 27 Noviembre, 2023 00:56

Hola buenas @sandra

En primer lugar, disculpa que haya tardado en responder.

Ok. No te preocupes por eso.

Necesito logs frescos y que estén actualizados… así que:

[color=#2271b3] EN BUSCA / ELIMINACIÓN DE MALWARE [/color]

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

[color=#ff00]LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE[/color] (y no en otro sitio).

Descargas Farbar Recovery Scan Tool [color=#ff00]MUY IMPORTANTE[/color] >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Farbar Recovery Scan Tool

Ejecutas el FRST.exe[size=2] (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).[/size]
Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.
En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.
Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

[color=#ff00]Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.[/color] [color=#ff00]También conectas nuevamente tu equipo a Internet.[/color]

[color=#2271b3] PRÓXIMA RESPUESTA[/color]

Pegas los reportes de FRST.txt y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

[color=#ff0000]Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:[/color]

No realices pasos/acciones que NOSOTROS no te hayamos indicado.

No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.

No instales NADA (programas/software/complementos/extensiones del navegador…).

No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).

No realices por tu cuenta otros procedimientos.

Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

sandra · 27 Noviembre, 2023 18:47

Hola, @MIXU . Que va, tranquilo. Si bastante paliza te estoy dando con el dichoso malware. Te facilito los informes que me solicitabas.

Comienzo con el de FRST.txt:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-11-2023 02
Ejecutado por sandr (administrador) sobre SANDRA (HP HP Laptop 15s-eq2xxx) (27-11-2023 19:38:08)
Ejecutado desde C:\Users\sandr\OneDrive\Escritorio\FRST64.exe
Perfiles cargados: sandr
Plataforma: Microsoft Windows 11 Home Versión 23H2 22631.2715 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(C:\Program Files\WindowsApps\MicrosoftTeams_23285.3703.2471.4627_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe <12>
(DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.3.39.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(SECOMN64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atiesrxx.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_2f779d0a8fdf496c\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\SysInfoCap.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkWiFiManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0c755fff65745edd\RtkAudUService64.exe <3>
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_26.52343.948.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_26.52343.948.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\sandr\AppData\Local\Microsoft\OneDrive\23.226.1031.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.29700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0c755fff65745edd\RtkAudUService64.exe [1923384 2023-09-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-2496661861-3415350462-1559059813-1001\...\Run: [MicrosoftEdgeAutoLaunch_E6FEE7AE0FAF53EF4FD0AB3BD1E5388D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2496661861-3415350462-1559059813-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-17] (Google LLC -> Google LLC)

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {9CC1BAC8-EED7-49B2-8E87-ECE0A16A9745} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F52E9B8C-09F0-4FBA-90CE-E0F830CA9BC0} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "a57815b0-c28c-4356-b1ab-08629b73bc3f" --version "6.18.10838" --silent
Task: {4064341E-FB9C-405A-9B3E-72D39683FC8F} - System32\Tasks\CCleanerSkipUAC - sandr => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {613A04DC-150B-472A-ADC8-C66C422593D4} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\sandr\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-11-15] (ESET, spol. s r.o. -> ESET)
Task: {16358980-366E-407C-9F18-3A189CA69E96} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\sandr\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-11-15] (ESET, spol. s r.o. -> ESET)
Task: {B06EFC99-40A5-4EDD-8A82-B031250E0B02} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2023-10-27] (Google Inc -> Google LLC)
Task: {C3BB7751-8887-429D-BFC9-200B9D4F8ECF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2023-10-27] (Google Inc -> Google LLC)
Task: {42A38F67-417C-4490-AE69-4EEC57060AE8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2023-10-30] (HP Inc. -> HP Inc.)
Task: {9BDB5EFB-D42E-40ED-9AEE-4DA0BF36C3A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-10-30] (HP Inc. -> HP Inc.)
Task: {CF61500A-98FB-4BD1-8326-A92839D08EE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2023-10-30] (HP Inc. -> HP Inc.)
Task: {C8EFE692-A04B-4172-A957-CC4992F5B30F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2023-10-30] (HP Inc. -> HP Inc.)
Task: {50F33D46-6188-4C76-B227-D13F1684617C} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {B8B1FA80-A686-4E71-9635-AC178D1EC8C9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {65E04F87-58FB-4A7D-80D8-047561940715} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {532FC3E0-0AAF-4062-A1BE-4D61FE0D5608} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0831201-755F-4C46-A710-1BBE707A0BFE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC21BD52-0ED8-4994-8385-4C1AC8C98F0F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA5A937B-9E15-4069-91B1-31D1DE30B591} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [311296 2023-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {00E77B36-4E65-4857-A32C-932CCAD4A947} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3E683D11-8D2A-41B0-88AC-C5DC37BF83A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D1518D61-C5F2-476B-BE73-EF3798FCD63D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AB593A3A-E00C-4F8D-A051-FAE7CC9A216D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.230.135.2 212.230.135.1
Tcpip\..\Interfaces\{64f3160b-eb02-4e44-b123-b3568de1223e}: [DhcpNameServer] 212.230.135.2 212.230.135.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-27]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-11-24]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-24]
Edge Extension: (Edge relevant text changes) - C:\Users\sandr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-10-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\sandr\AppData\Local\Google\Chrome\User Data\Default [2023-11-27]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Documentos de Google sin conexión) - C:\Users\sandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-27]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\sandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-11-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\sandr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-27]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
S3 CloudBackupRestoreSvc; C:\WINDOWS\System32\CloudRestoreLauncher.dll [1355776 2023-10-29] (Microsoft Windows -> Microsoft Corporation)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\AppHelperCap.exe [887856 2023-10-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\DiagsCap.exe [886720 2023-10-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\NetworkCap.exe [882728 2023-10-25] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\SysInfoCap.exe [886832 2023-10-25] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_2f779d0a8fdf496c\x64\TouchpointAnalyticsClientService.exe [491648 2023-10-23] (HP Inc. -> HP Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-03] (Malwarebytes Inc. -> Malwarebytes)
R2 RtkWiFiManServ; C:\WINDOWS\RtkWiFiManServ.exe [826936 2021-12-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 SECOMNService; C:\WINDOWS\System32\SECOMN64.exe [760776 2022-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_dea03ff0fb4183f1\amdacpafd.sys [435136 2023-02-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54776 2023-01-11] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\amdkmdag.sys [94633328 2023-01-11] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 amdwirelessbutton; C:\WINDOWS\System32\drivers\amdwirelessbutton.sys [41712 2022-07-11] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [154504 2022-06-01] (Alcorlink Corp. -> )
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Archivo no firmado]
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218592 2023-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-10-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [76832 2022-09-30] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-10-24] (Microsoft Windows -> Microsoft Corporation)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2023-10-29] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-11-27 19:28 - 2023-11-27 19:28 - 000274028 _____ C:\Users\sandr\Downloads\DCM_Bloque 2_parte 1 (1).pdf
2023-11-27 15:55 - 2023-11-27 15:55 - 000522433 _____ C:\Users\sandr\Downloads\DEI_BT2_parte1_2.pdf
2023-11-27 15:51 - 2023-11-27 15:51 - 000438547 _____ C:\Users\sandr\Downloads\Tema 3.pdf
2023-11-27 15:50 - 2023-11-27 15:50 - 000320217 _____ C:\Users\sandr\Downloads\DSA_Test Tema 2_ Revisión del intento.pdf
2023-11-26 19:51 - 2023-11-26 19:51 - 000210712 _____ C:\Users\sandr\Downloads\Hoy mi día ha sido asi.mp4
2023-11-26 19:33 - 2023-11-26 19:33 - 002042802 _____ C:\Users\sandr\Downloads\PPT Tema 4.pdf
2023-11-26 19:32 - 2023-11-26 19:32 - 000850371 _____ C:\Users\sandr\Downloads\Manual Tema 4.pdf
2023-11-26 19:31 - 2023-11-26 19:31 - 000293749 _____ C:\Users\sandr\Downloads\Autoevaluación unidad 3_ Revisión del intento.pdf
2023-11-24 18:51 - 2023-11-24 18:51 - 000771112 _____ C:\WINDOWS\system32\perfh00A.dat
2023-11-24 18:51 - 2023-11-24 18:51 - 000155058 _____ C:\WINDOWS\system32\perfc00A.dat
2023-11-24 18:21 - 2023-11-24 18:21 - 000000238 _____ C:\Users\sandr\OneDrive\Documentos\DelFix24_11_23.txt
2023-11-24 18:21 - 2023-11-24 18:21 - 000000238 _____ C:\DelFix.txt
2023-11-24 18:21 - 2023-11-24 18:21 - 000000000 ____D C:\WINDOWS\ERUNT
2023-11-24 18:18 - 2023-11-24 18:18 - 000797760 _____ C:\Users\sandr\Downloads\delfix_1.013.exe
2023-11-23 20:47 - 2023-11-23 20:47 - 001428938 _____ C:\Users\sandr\Downloads\GUIA_PRL_ACADE.pdf
2023-11-23 20:39 - 2023-11-23 20:39 - 002232362 _____ C:\Users\sandr\Downloads\Guia_SaludLaboralInfantil (1).pdf
2023-11-23 20:25 - 2023-11-23 20:25 - 000095832 _____ C:\Users\sandr\Downloads\p5sd8324.pdf
2023-11-23 20:21 - 2023-11-23 20:14 - 000872716 _____ C:\Users\sandr\OneDrive\Documentos\Practicaeducativaysaludocente.pdf
2023-11-23 20:21 - 2023-11-23 20:04 - 000919094 _____ C:\Users\sandr\OneDrive\Documentos\docente.pdf
2023-11-23 20:21 - 2023-11-23 19:21 - 002952867 _____ C:\Users\sandr\OneDrive\Documentos\p5sd13252.pdf
2023-11-23 20:21 - 2023-11-23 18:30 - 000437111 _____ C:\Users\sandr\OneDrive\Documentos\DEI_BT2_parte1 (1).pdf
2023-11-23 20:14 - 2023-11-23 20:14 - 000872716 _____ C:\Users\sandr\Downloads\Practicaeducativaysaludocente.pdf
2023-11-23 20:04 - 2023-11-23 20:04 - 000919094 _____ C:\Users\sandr\Downloads\docente.pdf
2023-11-23 19:21 - 2023-11-23 19:21 - 002952867 _____ C:\Users\sandr\Downloads\p5sd13252.pdf
2023-11-23 18:30 - 2023-11-23 18:30 - 000437111 _____ C:\Users\sandr\Downloads\DEI_BT2_parte1 (1).pdf
2023-11-22 19:55 - 2023-11-22 19:56 - 003175870 _____ C:\Users\sandr\Downloads\(Sin asunto).zip
2023-11-22 19:06 - 2023-11-22 19:06 - 001148249 _____ C:\Users\sandr\Downloads\TRILOGÍA “COMO TÚ” (2).mp4
2023-11-22 18:53 - 2023-11-22 18:53 - 010161193 _____ C:\Users\sandr\Downloads\TRILOGÍA “COMO TÚ” (1).mp4
2023-11-22 18:48 - 2023-11-22 18:48 - 001594334 _____ C:\Users\sandr\Downloads\TRILOGÍA “COMO TÚ”.mp4
2023-11-22 18:40 - 2023-11-22 18:40 - 001722588 _____ C:\Users\sandr\Downloads\Diseño sin título.mp4
2023-11-21 23:25 - 2023-11-21 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2023-11-21 23:25 - 2023-11-21 23:25 - 000000000 ____D C:\Program Files\VS Revo Group
2023-11-21 23:23 - 2023-11-21 23:23 - 006970144 _____ (VS Revo Group ) C:\Users\sandr\Downloads\revosetup.exe
2023-11-21 20:58 - 2023-11-21 20:58 - 001107024 _____ C:\Users\sandr\Downloads\Post de Instagram reyes magos elegante madera (1).mp4
2023-11-21 20:41 - 2023-11-21 20:41 - 000816391 _____ C:\Users\sandr\Downloads\Video para Móviles Rebajas Navidad Elegante Azul Dorado (1).mp4
2023-11-21 20:21 - 2023-11-21 20:21 - 003831276 _____ C:\Users\sandr\Downloads\Presentacion de navidad navideño infantil colorido (2).mp4
2023-11-21 19:56 - 2023-11-21 19:56 - 005127342 _____ C:\Users\sandr\Downloads\Presentación Juego navidad Creativo Verde y Rojo.mp4
2023-11-21 19:24 - 2023-11-21 19:24 - 000359635 _____ C:\Users\sandr\Downloads\Merry.mp4
2023-11-21 19:09 - 2023-11-21 19:15 - 003645924 _____ C:\Users\sandr\Downloads\El reo.mp4
2023-11-21 12:10 - 2023-11-21 12:10 - 006650067 _____ C:\Users\sandr\Downloads\Presentacion de navidad navideño infantil colorido.mp4
2023-11-21 12:09 - 2023-11-21 12:09 - 003586144 _____ C:\Users\sandr\Downloads\Presentacion de navidad navideño infantil colorido.pdf
2023-11-21 12:02 - 2023-11-21 12:02 - 006633933 _____ C:\Users\sandr\Downloads\Presentacion de navidad navideño infantil colorido (1).mp4
2023-11-17 19:10 - 2023-11-17 19:10 - 000274028 _____ C:\Users\sandr\Downloads\DCM_Bloque 2_parte 1.pdf
2023-11-17 19:05 - 2023-11-17 19:05 - 000438292 _____ C:\Users\sandr\Downloads\DCM_TEST_BT1_ Revisión del intento.pdf
2023-11-17 18:36 - 2023-11-17 18:36 - 000437111 _____ C:\Users\sandr\Downloads\DEI_BT2_parte1.pdf
2023-11-15 20:03 - 2023-11-15 20:03 - 000837781 _____ C:\Users\sandr\Downloads\DEI_CONT_CURRIC tema 2 didactica.pdf
2023-11-15 20:02 - 2023-11-15 20:02 - 000472924 _____ C:\Users\sandr\Downloads\DEI_TEST_BT1_ Revisión del intento.pdf
2023-11-15 17:35 - 2023-11-27 19:38 - 000000000 ____D C:\FRST
2023-11-15 17:33 - 2023-11-15 17:33 - 002383872 _____ (Farbar) C:\Users\sandr\Downloads\FRST64.exe
2023-11-13 20:22 - 2023-11-13 20:22 - 000547759 _____ C:\Users\sandr\Downloads\PPT RIESGOS Unidad 3 Primeros auxilios.pdf
2023-11-13 20:21 - 2023-11-13 20:21 - 001371579 _____ C:\Users\sandr\Downloads\Tema 3 Primeros auxilios.pdf
2023-11-13 20:20 - 2023-11-13 20:20 - 000326471 _____ C:\Users\sandr\Downloads\Autoevaluación unidad 2_ La gestión de la prevención_ Revisión del intento.pdf
2023-11-13 13:29 - 2023-11-13 13:34 - 000000000 ____D C:\Users\sandr\AppData\Roaming\Microsoft\Excel
2023-11-11 17:36 - 2023-11-11 17:36 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2023-11-10 19:53 - 2023-11-10 19:53 - 000000000 ____D C:\KVRT2020_Data
2023-11-10 19:52 - 2023-11-10 19:52 - 107097456 _____ (AO Kaspersky Lab) C:\Users\sandr\Downloads\KVRT.exe
2023-11-10 19:48 - 2023-11-10 19:48 - 000000610 _____ C:\Users\sandr\OneDrive\Documentos\informe Esset 10_11_23.txt
2023-11-10 18:44 - 2023-11-15 17:28 - 000001389 _____ C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-11-10 18:44 - 2023-11-10 18:44 - 000000000 ____D C:\Users\sandr\AppData\Local\ESET
2023-11-10 18:42 - 2023-11-10 18:43 - 015274968 _____ (ESET) C:\Users\sandr\Downloads\esetonlinescanner.exe
2023-11-10 18:35 - 2023-11-10 18:35 - 000003239 _____ C:\Users\sandr\OneDrive\Documentos\ZHPCleaner10_11_23.txt
2023-11-10 18:20 - 2023-11-10 18:20 - 003344544 _____ (Nicolas Coolman) C:\Users\sandr\Downloads\ZHPCleaner (1).exe
2023-11-09 18:46 - 2023-11-09 18:46 - 000001974 _____ C:\Users\sandr\OneDrive\Documentos\cc_20231109_184637.reg
2023-11-04 19:02 - 2023-11-04 19:02 - 003345285 _____ C:\Users\sandr\Downloads\La literatura infantil como recurso educativo..pdf
2023-11-04 18:54 - 2023-11-04 18:54 - 000363315 _____ C:\Users\sandr\Downloads\oca,+2386-3919-2018-0036-0001-0179-0197.pdf
2023-11-04 18:51 - 2023-11-04 18:51 - 000878762 _____ C:\Users\sandr\Downloads\TFG-G2563.pdf
2023-11-04 17:44 - 2023-11-04 17:44 - 000000000 ____D C:\Users\sandr\AppData\Local\Backup
2023-11-04 17:40 - 2023-11-04 17:40 - 001648826 _____ C:\Users\sandr\Downloads\15487441.pdf
2023-11-04 15:51 - 2023-11-04 15:51 - 000000000 ____D C:\Users\sandr\AppData\Roaming\Microsoft\Document Building Blocks
2023-11-03 19:37 - 2023-11-03 19:37 - 000000000 ____D C:\Users\sandr\AppData\Roaming\Microsoft\PowerPoint
2023-11-03 15:59 - 2023-11-03 15:59 - 000003885 _____ C:\Users\sandr\OneDrive\Documentos\ZHPCleaner.txt
2023-11-03 15:43 - 2023-11-10 18:32 - 000000000 ____D C:\Users\sandr\AppData\Roaming\ZHP
2023-11-03 15:43 - 2023-11-03 15:43 - 000000000 ____D C:\Users\sandr\AppData\Local\ZHP
2023-11-03 15:41 - 2023-11-03 15:41 - 003344032 _____ (Nicolas Coolman) C:\Users\sandr\Downloads\ZHPCleaner.exe
2023-11-03 15:38 - 2023-11-03 15:38 - 000002070 _____ C:\Users\sandr\OneDrive\Documentos\cc_20231103_153831.reg
2023-11-03 15:33 - 2023-11-03 15:33 - 000002510 _____ C:\Users\sandr\OneDrive\Documentos\AdwCleaner[C02].txt
2023-11-03 15:20 - 2023-11-03 15:20 - 000003704 _____ C:\Users\sandr\OneDrive\Documentos\cc_20231103_151951.reg
2023-11-02 21:11 - 2023-11-03 14:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2023-11-02 21:11 - 2023-11-02 21:11 - 000000000 ____D C:\Users\sandr\AppData\Local\HP
2023-11-02 19:22 - 2023-11-02 19:22 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-10-30 19:39 - 2023-10-30 19:39 - 002232362 _____ C:\Users\sandr\Downloads\Guia_SaludLaboralInfantil.pdf
2023-10-30 17:25 - 2023-11-23 20:21 - 000000000 ____D C:\Users\sandr\OneDrive\Documentos\curso
2023-10-30 17:10 - 2023-10-30 17:10 - 000000000 ____D C:\Users\sandr\AppData\Roaming\Microsoft\QuickStyles
2023-10-29 17:27 - 2023-10-29 17:27 - 000010572 _____ C:\Users\sandr\OneDrive\Documentos\cc_20231029_172725.reg
2023-10-29 17:12 - 2023-10-29 17:12 - 000004074 _____ C:\Users\sandr\OneDrive\Documentos\AdwCleaner[C01].txt
2023-10-29 17:07 - 2023-10-29 17:11 - 000000000 ____D C:\AdwCleaner
2023-10-29 17:00 - 2023-10-29 17:00 - 008791352 _____ (Malwarebytes) C:\Users\sandr\Downloads\adwcleaner.exe
2023-10-29 16:35 - 2023-10-29 16:35 - 000007670 _____ C:\Users\sandr\OneDrive\Documentos\cc_20231029_163527.reg
2023-10-29 16:31 - 2023-11-27 15:42 - 000000000 ____D C:\Program Files\CCleaner
2023-10-29 16:31 - 2023-11-24 18:12 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-10-29 16:31 - 2023-11-23 15:56 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-10-29 16:31 - 2023-11-23 15:56 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-10-29 16:31 - 2023-10-29 16:31 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - sandr
2023-10-29 16:31 - 2023-10-29 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-10-29 11:35 - 2023-10-29 11:35 - 000000000 ____D C:\Users\sandr\AppData\Local\OneDrive
2023-10-29 10:58 - 2023-10-29 10:58 - 000016240 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-10-28 16:47 - 2023-11-08 15:38 - 000000000 ____D C:\Users\sandr\AppData\Local\CrashDumps

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-11-27 19:35 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-27 19:08 - 2023-10-27 16:40 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-27 19:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-27 18:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-27 16:46 - 2023-10-24 13:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-27 15:42 - 2023-10-24 14:30 - 000000000 ____D C:\Users\sandr\AppData\Local\Malwarebytes
2023-11-27 15:42 - 2023-10-24 13:28 - 000000000 ___RD C:\Users\sandr\OneDrive
2023-11-26 22:34 - 2023-10-24 14:02 - 000000000 ____D C:\Users\sandr\AppData\Roaming\Microsoft\Word
2023-11-26 20:08 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-11-26 19:14 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-24 19:01 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-11-24 18:51 - 2023-10-24 13:14 - 001742394 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-24 18:46 - 2023-10-24 13:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-24 18:46 - 2023-10-24 13:04 - 000012288 ___SH C:\DumpStack.log.tmp
2023-11-24 18:46 - 2023-10-24 13:04 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-11-24 18:46 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-11-24 18:45 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-24 18:45 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-24 18:45 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-24 18:45 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-22 18:00 - 2023-10-24 14:02 - 000000000 ____D C:\Users\sandr\AppData\Roaming\Microsoft\UProof
2023-11-21 23:53 - 2023-10-24 13:22 - 000000000 ____D C:\Users\sandr
2023-11-21 23:41 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-11-21 23:33 - 2022-12-05 11:24 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-21 20:24 - 2023-10-24 13:26 - 000000000 ____D C:\Users\sandr\AppData\Local\D3DSCache
2023-11-21 10:06 - 2023-10-24 13:28 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2496661861-3415350462-1559059813-1001
2023-11-21 10:06 - 2023-10-24 13:28 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2496661861-3415350462-1559059813-1001
2023-11-21 10:06 - 2023-10-24 13:28 - 000002424 _____ C:\Users\sandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-21 10:02 - 2022-07-18 05:39 - 000000000 ____D C:\Program Files\Microsoft Office
2023-11-18 10:10 - 2023-10-24 13:04 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-17 09:55 - 2023-10-27 16:40 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-15 17:29 - 2023-10-24 13:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-15 17:19 - 2023-10-24 13:57 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-15 17:01 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-15 16:59 - 2023-10-24 13:06 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-14 10:34 - 2023-10-27 16:40 - 000003926 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-11-14 10:34 - 2023-10-27 16:40 - 000003802 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-11-10 19:48 - 2023-10-27 16:37 - 000003840 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-11-10 19:48 - 2023-10-27 16:37 - 000003398 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-11-10 18:49 - 2023-10-24 13:54 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-07 18:42 - 2022-07-01 02:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-04 19:57 - 2023-10-24 14:02 - 000000000 ____D C:\Users\sandr\AppData\Roaming\Microsoft\Office
2023-11-03 15:58 - 2023-10-24 13:04 - 000589368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-03 15:32 - 2023-10-24 13:05 - 000000000 ____D C:\ProgramData\HP
2023-11-03 14:57 - 2023-10-24 13:43 - 000000000 ____D C:\Users\sandr\AppData\Local\Publishers
2023-11-02 21:11 - 2023-10-24 13:26 - 000000000 ____D C:\Users\sandr\AppData\Local\Packages
2023-10-29 17:11 - 2022-07-18 07:05 - 000000000 ___HD C:\hp
2023-10-29 11:08 - 2023-10-24 22:52 - 000000000 ____D C:\WINDOWS\TextInput
2023-10-29 11:08 - 2022-05-07 11:20 - 000000000 ____D C:\WINDOWS\SysWOW64\es
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-29 11:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2023-10-29 11:07 - 2023-10-24 22:58 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2023-10-29 11:07 - 2023-10-24 22:52 - 000000000 ____D C:\WINDOWS\HoloShell
2023-10-29 11:07 - 2022-05-07 11:20 - 000000000 ____D C:\WINDOWS\system32\es
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-10-29 11:07 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-29 11:07 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2023-10-29 11:05 - 2022-05-07 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-10-29 11:05 - 2022-05-07 06:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-10-29 11:05 - 2022-05-07 06:25 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2023-10-29 11:05 - 2022-05-07 06:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-10-29 11:05 - 2022-05-07 06:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

sandra · 27 Noviembre, 2023 18:48

Este es el de Addition.txt:

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 05-11-2023 02
Ejecutado por sandr (27-11-2023 19:39:35)
Ejecutado desde C:\Users\sandr\OneDrive\Escritorio
Microsoft Windows 11 Home Versión 23H2 22631.2715 (X64) (2023-10-24 12:10:24)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-2496661861-3415350462-1559059813-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2496661861-3415350462-1559059813-503 - Limited - Disabled)
Invitado (S-1-5-21-2496661861-3415350462-1559059813-501 - Limited - Disabled)
sandr (S-1-5-21-2496661861-3415350462-1559059813-1001 - Administrator - Enabled) => C:\Users\sandr
WDAGUtilityAccount (S-1-5-21-2496661861-3415350462-1559059813-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

CCleaner (HKLM\...\CCleaner) (Version: 6.18 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 119.0.6045.160 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
Malwarebytes version 4.6.6.294 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.6.294 - Malwarebytes)
Microsoft 365 - en-gb (HKLM\...\O365HomePremRetail - en-gb) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.72 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2496661861-3415350462-1559059813-1001\...\OneDriveSetup.exe) (Version: 23.226.1031.0003 - Microsoft Corporation)
Microsoft OneNote - en-gb (HKLM\...\OneNoteFreeRetail - en-gb) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft OneNote - es-es (HKLM\...\OneNoteFreeRetail - es-es) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29325 (HKLM-x32\...\{B40FC85D-2B12-46E0-B950-E5B27E348793}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29325 (HKLM-x32\...\{EE2E15BB-54C8-4DB0-B1F3-026E3C166991}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.16924.20088 - Microsoft Corporation) Hidden
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.72 - Microsoft Corporation)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.21.40031.0_x64__0a9344xs7nr4m [2023-10-24] (Advanced Micro Devices Inc.) [Startup Task]
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.700.323.0_x64__8wekyb3d8bbwe [2023-11-23] (Microsoft Corporation)
Dropbox - promoción -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.20.0_x64__xbfy0k16fey96 [2023-10-24] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2023-10-24] (HP Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.44.301.0_x64__v10z8vjag6ke6 [2023-10-24] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\ad2f1837.hppchardwarediagnosticswindows_2.4.0.0_x64__v10z8vjag6ke6 [2023-10-24] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2023-10-24] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2023-10-24] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-10] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.31.22.0_x64__v10z8vjag6ke6 [2023-11-02] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.3.39.0_x64__v10z8vjag6ke6 [2023-10-24] (HP Inc.)
Microsoft Defender -> C:\Program Files\WindowsApps\microsoft.6365217ce6eb4_102.2310.10002.0_x64__8wekyb3d8bbwe [2023-11-27] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-10-24] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21027.539.0_x64__8wekyb3d8bbwe [2023-11-01] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-10-24] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-11-24] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_26.52343.948.0_x64__v10z8vjag6ke6 [2023-11-05] (HP Inc.) [Startup Task]
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1114.100_x64__8wekyb3d8bbwe [2023-11-21] (Microsoft Corporation)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.8109.0_x64__8wekyb3d8bbwe [2023-11-09] (Microsoft Corporation) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-08] (Microsoft Studios) [MS Ad]
Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.3899848563C1F_1.0.137.0_x64__kx24dqmazqk8j [2023-10-24] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0 [2023-11-26] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-11-24] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-24] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-24] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2022-05-07 06:24 - 2023-11-24 18:44 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-2496661861-3415350462-1559059813-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{F0B2D3B2-E83A-43B4-B5B3-C46E7BED8967}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DBA80152-36BA-4FE5-82A3-10804899C13A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E36E7B4F-501C-43A6-B76B-FDD94DA558B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DB2D682A-0EA3-4BF8-9B71-D8A416FD654C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AF0C41AE-CF0C-435F-89D7-7CFB7D7F718E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E48CC4B7-8F07-4AE5-909F-70B8AFFDC2FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{78F95877-D4F6-4340-81FB-D118C47BF2BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{81BD52C0-3C3F-4DC8-A162-6929614C3897}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DE9D5B84-95C8-4D90-8647-2009D141DED4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{12251B94-D568-4443-ABCB-D7CF08146A36}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Puntos de Restauración =========================

ATENCIÓN: Restaurar Sistema está deshabilitado (Total:476.06 GB) (Free:418.77 GB) (88%)

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (11/26/2023 07:06:04 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Nombre de la aplicación con errores: wmiprvse.exe, versión: 10.0.22621.1, marca de tiempo: 0x3b1bcc5b
Nombre del módulo con errores: ntdll.dll, versión: 10.0.22621.2506, marca de tiempo: 0xbced4b82
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000008ebef
Identificador del proceso con errores: 0x0xe2c
Hora de inicio de la aplicación con errores: 0x0x1da1efe2684b6a7
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\wbem\wmiprvse.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 9bfabd3e-247f-43e4-b9da-9a8c23c7b315
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/24/2023 06:46:33 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\SANDRA$ a través de https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 24 Nov 2023 17:46:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 89f8e217-999f-4c06-94de-db5385528296

Método: GET(297ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (11/24/2023 06:46:33 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para Sistema local a través de https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 24 Nov 2023 17:46:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 473ca374-b4ac-4bca-82d8-e62bd453bcf5

Método: GET(391ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (11/24/2023 06:12:38 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\SANDRA$ a través de https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 24 Nov 2023 17:12:33 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 2c0648c6-937b-4ab1-8301-e69c5efd7fe3

Método: GET(328ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (11/24/2023 06:12:37 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para Sistema local a través de https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 24 Nov 2023 17:12:32 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 905fd603-5461-4603-8606-b1f31de954c5

Método: GET(921ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (11/21/2023 11:54:15 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\SANDRA$ a través de https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 21 Nov 2023 22:54:12 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 64e097e5-9dac-4b60-b149-c6f96759665c

Método: GET(313ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (11/21/2023 11:54:14 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para Sistema local a través de https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 21 Nov 2023 22:54:11 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: e220c364-e1d1-4807-8160-3c89a8eec3a6

Método: GET(375ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (11/13/2023 03:38:14 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\SANDRA$ a través de https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 13 Nov 2023 14:38:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 5ec6ab61-ef77-454b-992d-c0a8caf0ce66

Método: GET(297ms)
Fase: GetCACaps
No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


Errores del sistema:
=============
Error: (11/27/2023 04:46:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Realtek Wireless Manager Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

Error: (11/27/2023 03:44:19 PM) (Source: DCOM) (EventID: 10010) (User: SANDRA)
Description: El servidor {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/27/2023 03:42:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Realtek Wireless Manager Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

Error: (11/27/2023 01:27:11 PM) (Source: DCOM) (EventID: 10010) (User: SANDRA)
Description: El servidor {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/27/2023 10:20:41 AM) (Source: DCOM) (EventID: 10010) (User: SANDRA)
Description: El servidor {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/26/2023 08:26:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Realtek Wireless Manager Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

Error: (11/26/2023 07:05:17 PM) (Source: DCOM) (EventID: 10010) (User: SANDRA)
Description: El servidor {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/26/2023 07:02:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Realtek Wireless Manager Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.


Windows Defender:
================
Date: 2023-11-26 19:57:46
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {AF9B1124-C56E-4FC8-9072-9E4280C799A8}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM 

Date: 2023-11-21 20:08:26
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {D1A50D7C-6A14-4377-A2C5-4DFFF40BA57B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM 

Date: 2023-11-21 20:03:30
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {91164881-B1D2-4FED-BD0B-8B0F01AD5B2D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM 

Date: 2023-11-15 16:35:45
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {55EF6A5A-4FFA-4A6B-912A-885FD8DF0DE2}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM 

Date: 2023-11-10 19:54:28
Description: 
El acceso controlado a carpetas impidió que C:\Users\sandr\AppData\Local\Temp\{74d96616-cdd1-4294-a0d6-269f84efd235}\6f305cfb.exe realizara cambios en la memoria.
Tiempo de detección: 2023-11-10T18:54:28.497Z
Usuario: sandra\sandr
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Users\sandr\AppData\Local\Temp\{74d96616-cdd1-4294-a0d6-269f84efd235}\6f305cfb.exe
Versión de inteligencia de seguridad: 1.401.391.0
Versión del motor: 1.1.23100.2009
Versión del producto: 4.18.23100.2009
 
Event[0]

Date: 2023-11-11 17:33:52
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80501102
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 
Versión de inteligencia de seguridad: 1.401.434.0;1.401.434.0
Versión del motor: 1.1.23100.2009 

Date: 2023-10-24 14:58:13
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.321.69.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.17300.4
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.  

CodeIntegrity:
===============
Date: 2023-11-26 20:08:31
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 

Date: 2023-11-21 23:19:35
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements. 


==================== Información de la memoria =========================== 

BIOS: AMI F.31 08/02/2023
Placa base: HP 887A
Procesador: AMD Ryzen 3 5300U with Radeon Graphics 
Porcentaje de memoria en uso: 55%
RAM física total: 7502.46 MB
RAM física disponible: 3306.28 MB
Virtual total: 11854.46 MB
Virtual disponible: 6088.42 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:476.06 GB) (Free:418.77 GB) (Model: WD PC SN740 SDDPNQD-512G-1006) (Protected) NTFS

\\?\Volume{a105c163-66cd-46fd-8dae-9c6216ddf6e9}\ (Windows RE tools) (Fixed) (Total:0.6 GB) (Free:0.06 GB) NTFS
\\?\Volume{4b476c89-7c31-474e-80cd-8842b9e00463}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 58AF21E0)

Partition: GPT.

==================== Final de Addition.txt =======================

MIXU · 28 Noviembre, 2023 22:03

Hola buenas @sandra antes de seguir, quiero que llegados a este punto:

Me comentas de nuevo como sigue tu PC respecto al problema inicial planteado en este tema.

Slau2.

sandra · 29 Noviembre, 2023 15:45

Hola, @MIXU. No he notado nada raro. Te comento una cosa por si las moscas. Es que me aparecen anuncios en casi todas las páginas que visualizo. No sé si se trata algo normal o sospechoso, ya que por lo demás el pc no da señales de nada extraño.

MIXU · 29 Noviembre, 2023 19:32

Hola buenas @sandra

Ok.

OK.

Ok. Pues tráeme capturas de pantalla tal y como ya sabes:

Así yo les podré echar un ojo y vemos si eso que comentas es o no normal.

Salu2.

sandra · 30 Noviembre, 2023 15:42

Hola, @MIXU. Te adjunto dos capturas de ahora que me he puesto con el pc. El navegador que estoy utilizando es el Google Chrome.

Muchas gracias y un saludo.

MIXU · 1 Diciembre, 2023 23:12

Hola, buenas @sandra

Ok. eso es la típica publicidad legítima que te aparece en los navegadores al visitar ciertas páginas web como visitante anónimo, no es nada raro, es normal. Se pueden llegar a bloquear de varias formas, pero no es malware de tipo adware ni nada por el estilo.

OK.

[color=#2271b3] PREGUNTAS [/color]

¿Verdad en que no llegamos a realizar un Análisis Personalizado con el Malwarebytes? ¿Cierto?

Ahora debes de hacer una [color=#ff00]COPIA DE SEGURIDAD DEL REGISTRO[/color], para ello:

Reinicias el ordenador en Modo Normal.
Descargas DelFix en tu escritorio.
Doble clic para ejecutarlo. [size=2](Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)[/size]
Marcas solamente la casilla de [color=#ff00]Create registry backup[/color], el resto te aseguras de que no estén seleccionadas.
Presionas en Run.

Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.

Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe

Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:

File: C:\WINDOWS\system32\Drivers\gen3p1pkey.dat;C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk;C:\WINDOWS\system32\ctac.json;C:\WINDOWS\SysWOW64\ctac.json;C:\WINDOWS\system32\hologramcompositor.lock;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json;C:\System.sav;C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe;C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe
File: %systemroot%\system32\MusNotification.exe
VirusTotal: C:\WINDOWS\system32\Drivers\gen3p1pkey.dat;C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk;C:\WINDOWS\system32\ctac.json;C:\WINDOWS\SysWOW64\ctac.json;C:\WINDOWS\system32\hologramcompositor.lock;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json;C:\System.sav;C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe;C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe
VirusTotal: %systemroot%\system32\MusNotification.exe

C:\Users\sandr\AppData\Roaming\Microsoft\QuickStyles
U3 aspnet_state; no ImagePath

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Lo guardas con el nombre de FIXLIST.TXT en tu escritorio [color=#ff00](MUY IMPORTANTE).[/color] Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.

[color=#ff00]El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.[/color]

Finalmente (OJO, en MODO NORMAL):

Ejecutas nuevamente FRST.exe [size=2](Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)[/size].
Presionas sobre [color=#ff00]Fix/Corregir[/color] y esperas a que finalice el proceso. [color=#ff00]No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.[/color]
Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.
Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.

Muy Importante Coloca el reporte que te he pedido como se muestra en la siguiente imagen:

Salu2.

MIXU · 6 Diciembre, 2023 01:29

Hola, buenas @sandra

¿Has podido realizar algún avance acerca de lo que te pregunté/comenté?

Me comentas.

Salu2.

sandra · 6 Diciembre, 2023 09:24

Hola, @MIXU. Perdona, pero es que no he podido realizar tus últimas recomendaciones. Mañana, sin falta lo haré. Gracias, por tu ayuda y siento el retraso.

sandra · 7 Diciembre, 2023 16:24

Hola, @MIXU. Te facilito el informe de FIXLOG.TXT :

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 07-12-2023 Ejecutado por sandr (07-12-2023 17:13:21) Run:2 Ejecutado desde C:\Users\sandr\OneDrive\Escritorio Perfiles cargados: sandr Modo de Inicio: Normal

fixlist contenido:

START CREATERESTOREPOINT: CLOSEPROCESSES:

File: C:\WINDOWS\system32\Drivers\gen3p1pkey.dat;C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk;C:\WINDOWS\system32\ctac.json;C:\WINDOWS\SysWOW64\ctac.json;C:\WINDOWS\system32\hologramcompositor.lock;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json;C:\System.sav;C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe;C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe File: %systemroot%\system32\MusNotification.exe VirusTotal: C:\WINDOWS\system32\Drivers\gen3p1pkey.dat;C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk;C:\WINDOWS\system32\ctac.json;C:\WINDOWS\SysWOW64\ctac.json;C:\WINDOWS\system32\hologramcompositor.lock;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json;C:\System.sav;C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe;C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe VirusTotal: %systemroot%\system32\MusNotification.exe

C:\Users\sandr\AppData\Roaming\Microsoft\QuickStyles U3 aspnet_state; no ImagePath

CMD: ipconfig /flushdns CMD: ipconfig /renew CMD: bitsadmin /reset /allusers CMD: netsh winsock reset CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset RemoveProxy: EmptyTemp: Hosts: END

Error: (0) Error al crear un punto de restauración. Procesos cerrados correctamente.

========================= File: C:\WINDOWS\system32\Drivers\gen3p1pkey.dat;C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk;C:\WINDOWS\system32\ctac.json;C:\WINDOWS\SysWOW64\ctac.json;C:\WINDOWS\system32\hologramcompositor.lock;C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json;C:\System.sav;C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe;C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe ========================

C:\WINDOWS\system32\Drivers\gen3p1pkey.dat Archivo no firmado MD5: 6386092BD4CABCE186E9DAF274ABD52B Fecha de creación y modificación: 2023-10-24 13:05 - 2020-07-21 17:44 Tamaño: 000028652 Atributos: ----A Nombre de la compañía: Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: https://www.virustotal.com/gui/file/b3cd08e1b900584f88a74fe40719abe6fb6d4d74ace2a9f5120edcdfdd64e3b7/detection/f-b3cd08e1b900584f88a74fe40719abe6fb6d4d74ace2a9f5120edcdfdd64e3b7-1680295176

“C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk” => no encontrado C:\WINDOWS\system32\ctac.json Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package02~31bf3856ad364e35~amd64~~10.0.22621.2506.cat El archivo está firmado digitalmente MD5: 2A6B98AB4BA1564950C4779EFD7944E5 Fecha de creación y modificación: 2023-10-24 22:54 - 2023-10-24 22:54 Tamaño: 000060462 Atributos: ----A Nombre de la compañía: Microsoft Windows → Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: https://www.virustotal.com/gui/file/7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352/detection/f-7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352-1696771721

C:\WINDOWS\SysWOW64\ctac.json Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package02~31bf3856ad364e35~amd64~~10.0.22621.2506.cat El archivo está firmado digitalmente MD5: 2A6B98AB4BA1564950C4779EFD7944E5 Fecha de creación y modificación: 2023-10-24 22:54 - 2023-10-24 22:54 Tamaño: 000060462 Atributos: ----A Nombre de la compañía: Microsoft Windows → Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: https://www.virustotal.com/gui/file/7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352/detection/f-7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352-1696771721

C:\WINDOWS\system32\hologramcompositor.lock Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Holographic-Desktop-Analog-FOD-merged-Package~31bf3856ad364e35~amd64~~10.0.22621.2506.cat El archivo está firmado digitalmente MD5: B5B635E1B7F17EBAD35652123FE6AA54 Fecha de creación y modificación: 2023-10-24 22:52 - 2022-05-06 22:02 Tamaño: 000000002 Atributos: ----A Nombre de la compañía: Microsoft Windows → Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: https://www.virustotal.com/gui/file/6b6daa8334bbcc8f6b5906b6c04be041d92700b74024f73f50e0a9f0dae5f06f/detection/f-6b6daa8334bbcc8f6b5906b6c04be041d92700b74024f73f50e0a9f0dae5f06f-1390828473

C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.22621.2506.cat El archivo está firmado digitalmente MD5: 3716A431346037491C900A3221708905 Fecha de creación y modificación: 2023-10-29 10:58 - 2023-10-29 10:58 Tamaño: 000016240 Atributos: ----A Nombre de la compañía: Microsoft Windows → Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: https://www.virustotal.com/gui/file/04a187aa6bfd80c533c871115551bb1a16ba73fe14c7f5d1a48fa8f602ec3372/detection/f-04a187aa6bfd80c533c871115551bb1a16ba73fe14c7f5d1a48fa8f602ec3372-1699320425

C:\System.sav [symlink → C:\Recovery\OEM\LOGS\SYSTEM.SAV] Archivo no firmado MD5: [symlink → C:\Recovery\OEM\LOGS\SYSTEM.SAV] Fecha de creación y modificación: 2023-10-24 23:00 - 2023-10-24 23:00 Tamaño: 000000000 Atributos: --HDL Nombre de la compañía: Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: VirusTotal: 0-byte

C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.cat El archivo está firmado digitalmente MD5: 2D5CD67E62BF7F09EBA5B5B4E834E7A1 Fecha de creación y modificación: 2023-09-25 03:32 - 2023-09-25 03:32 Tamaño: 000833488 Atributos: ----A Nombre de la compañía: HP Inc. → HP Inc. Interno Nombre: BridgeCommunication.exe Original Nombre: BridgeCommunication.exe Producto: BridgeCommunication Descripción: Archivo Versión: 1.60.3467.0 Producto Versión: 1.60.3467.0 Copyright: Copyright (c) 2018 HP Development Company, L.P. VirusTotal: https://www.virustotal.com/gui/file/f6dc076f91ecb5e495a03d572d8e6e7fb1b39f2732bd279427fc4b4f33dc22ce/detection/f-f6dc076f91ecb5e495a03d572d8e6e7fb1b39f2732bd279427fc4b4f33dc22ce-1700766645

C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem61.cat El archivo está firmado digitalmente MD5: ACEF04356419D39ACA18C8A07E5A8312 Fecha de creación y modificación: 2023-01-11 01:25 - 2023-01-11 01:25 Tamaño: 000940416 Atributos: ----A Nombre de la compañía: Advanced Micro Devices Inc. → AMD Interno Nombre: ATIECLXX.EXE Original Nombre: ATIECLXX.EXE Producto: AMD External Events Descripción: AMD External Events Client Module Archivo Versión: 6.14.11.1290 Producto Versión: 6.14.11.1290 Copyright: Copyright © 2008-2009 AMD VirusTotal: https://www.virustotal.com/gui/file/3b46a0f4a440a69f7484373840dc05d884e123b6491c75ed10185f4d4f088648/detection/f-3b46a0f4a440a69f7484373840dc05d884e123b6491c75ed10185f4d4f088648-1694196424

====== Final de File: ======

========================= File: %systemroot%\system32\MusNotification.exe ========================

“%systemroot%\system32\MusNotification.exe” => no encontrado ====== Final de File: ======

VirusTotal: C:\WINDOWS\system32\Drivers\gen3p1pkey.dat => https://www.virustotal.com/gui/file/b3cd08e1b900584f88a74fe40719abe6fb6d4d74ace2a9f5120edcdfdd64e3b7/detection/f-b3cd08e1b900584f88a74fe40719abe6fb6d4d74ace2a9f5120edcdfdd64e3b7-1680295176 “VirusTotal: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk” => no encontrado VirusTotal: C:\WINDOWS\system32\ctac.json => https://www.virustotal.com/gui/file/7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352/detection/f-7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352-1696771721 VirusTotal: C:\WINDOWS\SysWOW64\ctac.json => https://www.virustotal.com/gui/file/7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352/detection/f-7f9ce7e10b4ed9e997e769532206ce9987fbc3d6c273f38df75640ec4d521352-1696771721 VirusTotal: C:\WINDOWS\system32\hologramcompositor.lock => https://www.virustotal.com/gui/file/6b6daa8334bbcc8f6b5906b6c04be041d92700b74024f73f50e0a9f0dae5f06f/detection/f-6b6daa8334bbcc8f6b5906b6c04be041d92700b74024f73f50e0a9f0dae5f06f-1390828473 VirusTotal: C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json => https://www.virustotal.com/gui/file/04a187aa6bfd80c533c871115551bb1a16ba73fe14c7f5d1a48fa8f602ec3372/detection/f-04a187aa6bfd80c533c871115551bb1a16ba73fe14c7f5d1a48fa8f602ec3372-1699320425 VirusTotal: C:\System.sav => [symlink → C:\Recovery\OEM\LOGS\SYSTEM.SAV] VirusTotal: C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_642dd10f697d62b0\x64\BridgeCommunication.exe => https://www.virustotal.com/gui/file/f6dc076f91ecb5e495a03d572d8e6e7fb1b39f2732bd279427fc4b4f33dc22ce/detection/f-f6dc076f91ecb5e495a03d572d8e6e7fb1b39f2732bd279427fc4b4f33dc22ce-1700766645 VirusTotal: C:\Windows\System32\DriverStore\FileRepository\u0387389.inf_amd64_995be970e30b8c79\B385477\atieclxx.exe => https://www.virustotal.com/gui/file/3b46a0f4a440a69f7484373840dc05d884e123b6491c75ed10185f4d4f088648/detection/f-3b46a0f4a440a69f7484373840dc05d884e123b6491c75ed10185f4d4f088648-1694196424 “VirusTotal: %systemroot%\system32\MusNotification.exe” => no encontrado

“C:\Users\sandr\AppData\Roaming\Microsoft\QuickStyles” carpeta mover:

C:\Users\sandr\AppData\Roaming\Microsoft\QuickStyles => movido correctamente HKLM\System\CurrentControlSet\Services\aspnet_state => eliminado correctamente aspnet_state => servicio eliminado correctamente

========= ipconfig /flushdns =========

Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========

========= ipconfig /renew =========

Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 1 mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 2 mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de rea local* 1:

Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . :

Adaptador de LAN inal mbrica Conexi¢n de rea local* 2:

Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . :

Adaptador de LAN inal mbrica Wi-Fi:

Sufijo DNS espec¡fico para la conexi¢n. . : Home V¡nculo: direcci¢n IPv6 local. . . : fe80::6c2b:5d51:e226:a7ef%10 Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.130 M scara de subred . . . . . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Conexi¢n de red Bluetooth:

Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . :

========= Final de CMD: =========

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 BITS administration utility. (C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========

========= netsh winsock reset =========

El cat logo Winsock se restableci¢ correctamente. Debe reiniciar el equipo para completar el restablecimiento.

========= Final de CMD: =========

========= netsh advfirewall reset =========

Aceptar

========= Final de CMD: =========

========= netsh advfirewall set allprofiles state ON =========

Aceptar

========= Final de CMD: =========

========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado.

se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n.

========= Final de CMD: =========

========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado.

se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n.

========= Final de CMD: =========

========= RemoveProxy: =========

“HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings” => eliminado correctamente “HKU\S-1-5-21-2496661861-3415350462-1559059813-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings” => eliminado correctamente “HKU\S-1-5-21-2496661861-3415350462-1559059813-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings” => eliminado correctamente

========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente Hosts restaurado correctamente.

=========== EmptyTemp: ==========

FlushDNS => completado BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10627023 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B Windows/system/drivers => 13136268 B Edge => 0 B Chrome => 614942669 B Firefox => 0 B Opera => 0 B

Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 7092 B sandr => 46366316 B

RecycleBin => 0 B EmptyTemp: => 653.3 MB datos temporales eliminados.

================================

El sistema necesita reiniciarse.

==== Final de Fixlog 17:18:06 ====

MIXU · 6 Enero, 2024 15:23

Hola buenas @sandra

Primero de todo, disculpa en que haya tardado en responder. Pues han sucedido una serie de contratiempos que han hecho que no pudiese responder durante casi un mes aprox.

Pues:

He estado enfermo varias semanas/días.
He tenido problemas familiares/personales.
Estas fechas festivas de navidad, uno tiene muchas cosas que hacer.
Tengo también mucha carga laboral/trabajos.
El foro tuvo una serie de problemas técnicos hace un par de semanas y también estuvo caído varios días, pero ya se ha arreglado casi todo.

¿Sigues necesitando ayuda acerca del problema qué comentaste inicialmente en este tema?

Si es así, dímelo y por mi parte a partir del 16 de Enero podré seguir atendiendo tu caso. Puede que antes, pero el 16 de Enero. Seguro.

Salu2.

sandra · 9 Enero, 2024 15:48

Hola @MIXU. Te entiendo perfectamente. A mi me ha pasado también. En diciembre cuando volvi de viaje me contagie de Covid y ahora con el virus estomacal. En principio, no he observado nada raro en el pc. Únicamente que en el último informe aparecia algo de una web virus total y no sé si es que se ha eliminado o todavía sigue. Muchas gracias por tu ayuda.