Suspected virus

Good afternoon @furtivex, yesterday afternoon several icons stopped showing their logo. Afterwards I ran the command sfc /scannow, which reported no damage to the files. Today when I used the PC the icons have the original problem again.

Could you help me with the possible virus? Thanks.

**************************************************************
# DoesNotBelong v9.0.4
# https://furtivex.net
# OS: Microsoft Windows 10 Pro x64 22H2 Español (Spanish) - 0C0A - 1252 - 850
# Nombre de usuario: ArturoParra -> S-1-5-21-1475189372-905897940-3643049737-1001
# Nombre de la computadora: ARTURO-PARRA
# Fecha: 2025_09_02__14_54_16
**************************************************************

# Procesos:

# Controladores:

# Servicios:

# Archivos:

C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
C:\Windows\System32\config\systemprofile\AppData\Local\CM2C13C.tmp
C:\Windows\System32\config\systemprofile\AppData\Local\tpm-12b8-fec-2d949e.tmp
C:\Windows\System32\config\systemprofile\AppData\Local\tpm-2398-184c-1fab3e.tmp
C:\Windows\System32\FNTCACHE.DAT
C:\Windows\System32\GroupPolicy\GPT.ini

# Carpetas:

# Tareas:

Adobe Acrobat Update Task
CreateExplorerShellUnelevatedTask
Microsoft\Office\Office Automatic Updates 2.0
Microsoft\Office\Office ClickToRun Service Monitor
Microsoft\Windows\Application Experience\PcaPatchDbTask
Microsoft\Windows\Application Experience\PcaWallpaperAppDetect
Microsoft\Windows\Clip\ClipESU
Microsoft\Windows\Clip\ClipESUConsumer
Microsoft\Windows\Clip\ClipEsuConsumerProcessPreOrder
Microsoft\Windows\Clip\ClipEsuConsumerProcessRefund
Microsoft\Windows\Clip\EnableClipESU
Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Microsoft\Windows\WindowsUpdate\Scheduled Start
ZoomUpdateTaskUser-S-1-5-21-1475189372-905897940-3643049737-1001

# Registro:

HKCU\Environment\\OMP_WAIT_POLICY
HKCR\ActivatableClasses\Package\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt
HKCR\ActivatableClasses\Package\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe
HKCR\ActivatableClasses\Package\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe
HKCR\ActivatableClasses\Package\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe
HKCR\Extensions\ContractId\Windows.AppService\PackageId\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt
HKCR\Extensions\ContractId\Windows.BackgroundTasks\PackageId\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt
HKCR\Extensions\ContractId\Windows.BackgroundTasks\PackageId\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe
HKCR\Extensions\ContractId\Windows.Launch\PackageId\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt
HKCR\Extensions\ContractId\Windows.Launch\PackageId\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe
HKCR\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PolicyCache\AppUp.IntelGraphicsExperience_8j3eq9eme6ctt
HKCR\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PolicyCache\E046963F.LenovoCompanion_k1h2ywk1493x8
HKCR\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PolicyCache\Microsoft.BingNews_8wekyb3d8bbwe
HKCR\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PolicyCache\Microsoft.BingWeather_8wekyb3d8bbwe
HKCU\Software\Classes\Extensions\ContractId\Windows.AppService\PackageId\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt
HKCU\Software\Classes\Extensions\ContractId\Windows.BackgroundTasks\PackageId\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt
HKCU\Software\Classes\Extensions\ContractId\Windows.BackgroundTasks\PackageId\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe
HKCU\Software\Classes\Extensions\ContractId\Windows.Protocol\PackageId\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PolicyCache\AppUp.IntelGraphicsExperience_8j3eq9eme6ctt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PolicyCache\E046963F.LenovoCompanion_k1h2ywk1493x8
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PolicyCache\Microsoft.BingNews_8wekyb3d8bbwe
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PolicyCache\Microsoft.BingWeather_8wekyb3d8bbwe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\HostActivityManager\CommitHistory\AppUp.IntelGraphicsExperience_8j3eq9eme6ctt!App
HKCU\Software\Microsoft\Windows NT\CurrentVersion\HostActivityManager\CommitHistory\E046963F.LenovoCompanion_k1h2ywk1493x8!App
HKCU\Software\Microsoft\Windows NT\CurrentVersion\HostActivityManager\CommitHistory\Microsoft.BingNews_8wekyb3d8bbwe!AppexNews
HKCU\Software\Microsoft\Windows NT\CurrentVersion\HostActivityManager\CommitHistory\Microsoft.BingWeather_8wekyb3d8bbwe!App
HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\AppUp.IntelGraphicsExperience_8j3eq9eme6ctt
HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.BingWeather_8wekyb3d8bbwe
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\CCleaner Smart Cleaning
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\KeePassXC
HKLM\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\AppUp.IntelGraphicsExperience_1.100.5688.0_neutral_~_8j3eq9eme6ctt
HKLM\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\AppUp.IntelGraphicsExperience_1.100.5688.0_neutral_split.language-es_8j3eq9eme6ctt
HKLM\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\AppUp.IntelGraphicsExperience_1.100.5688.0_neutral_split.scale-100_8j3eq9eme6ctt
HKLM\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt
HKLM\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe
HKLM\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe
HKLM\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\Microsoft.BingWeather_4.36.20714.0_neutral_~_8wekyb3d8bbwe
HKLM\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\Microsoft.BingWeather_4.36.20714.0_neutral_split.language-es_8wekyb3d8bbwe
HKLM\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\Microsoft.BingWeather_4.36.20714.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe
HKLM\Software\Microsoft\SecurityManager\CapAuthz\ApplicationsEx\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt
HKLM\Software\Microsoft\SecurityManager\CapAuthz\ApplicationsEx\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\RtkAudUService
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\Cloudflare WARP.lnk
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\AppxAllUserStore\Applications\AppUp.IntelGraphicsExperience_1.100.2731.0_neutral_~_8j3eq9eme6ctt
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\AppxAllUserStore\Applications\Microsoft.BingWeather_4.36.20714.0_neutral_~_8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\AppxAllUserStore\S-1-5-18\Microsoft.BingWeather_4.36.20714.0_neutral_~_8wekyb3d8bbwe
HKLM\SYSTEM\Setup\Upgrade\Appx\DownlevelGather\AppxAllUserStore\S-1-5-21-1475189372-905897940-3643049737-1001\AppUp.IntelGraphicsExperience_1.100.2731.0_neutral_~_8j3eq9eme6ctt
HKLM\SYSTEM\Setup\Upgrade\Appx\DownlevelGather\AppxAllUserStore\S-1-5-21-1475189372-905897940-3643049737-1001\Microsoft.BingWeather_4.36.20714.0_neutral_~_8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\PackageInstallState\AppUp.IntelGraphicsExperience_1.100.2731.0_neutral_~_8j3eq9eme6ctt
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\PackageInstallState\AppUp.IntelGraphicsExperience_1.100.2731.0_neutral_split.language-es_8j3eq9eme6ctt
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\PackageInstallState\AppUp.IntelGraphicsExperience_1.100.2731.0_neutral_split.scale-100_8j3eq9eme6ctt
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\PackageInstallState\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\PackageInstallState\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\PackageInstallState\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\PackageInstallState\Microsoft.BingWeather_4.36.20714.0_neutral_~_8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\PackageInstallState\Microsoft.BingWeather_4.36.20714.0_neutral_split.language-es_8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\PackageInstallState\Microsoft.BingWeather_4.36.20714.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\PackageInstallState\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\SisDirectory\AppUp.IntelGraphicsExperience_1.100.2731.0_neutral_~_8j3eq9eme6ctt
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\SisDirectory\AppUp.IntelGraphicsExperience_1.100.2731.0_neutral_split.language-es_8j3eq9eme6ctt
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\SisDirectory\AppUp.IntelGraphicsExperience_1.100.2731.0_neutral_split.scale-100_8j3eq9eme6ctt
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\SisDirectory\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\SisDirectory\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\SisDirectory\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\SisDirectory\Microsoft.BingWeather_4.36.20714.0_neutral_~_8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\SisDirectory\Microsoft.BingWeather_4.36.20714.0_neutral_split.language-es_8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\SisDirectory\Microsoft.BingWeather_4.36.20714.0_neutral_split.scale-100_8wekyb3d8bbwe
HKLM\System\Setup\Upgrade\Appx\DownlevelGather\SisDirectory\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A95D360-46C3-43EB-8283-530EB0C7987B}

# Cachés:

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex (F-64)
C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Cache\Cache_Data (F-5)
C:\Users\USUARIO\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Code Cache\js (F-1)
C:\Users\USUARIO\AppData\Local\D3DSCache (D-5)
C:\Users\USUARIO\AppData\Local\Microsoft\TokenBroker\Cache (F-3)
C:\Users\USUARIO\AppData\Local\Microsoft\Windows\ActionCenterCache (F-0)
C:\Users\USUARIO\AppData\Local\Microsoft\Windows\INetCache\IE (D-3)
C:\Users\USUARIO\AppData\Local\Temp (D-1173)
C:\Windows\CbsTemp (F-0)
C:\Windows\Logs\CBS (F-2)
C:\Windows\Logs\SIH (F-8)
C:\Windows\Logs\WindowsUpdate (F-52)
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts (F-1)
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp (F-0)
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\DeliveryOptimization\Logs (F-144)
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp (F-1)
C:\Windows\System32\config\systemprofile\AppData\Local (D-220)
C:\Windows\System32\config\systemprofile\AppData\Local\D3DSCache (D-3)
C:\Windows\SystemTemp (D-1)
C:\Windows\SystemTemp (F-2)
C:\Windows\Temp (F-208)

# Paquetes:

AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt
Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe
Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe
Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe
Microsoft.BingNews_4.51.22441.0_x64__8wekyb3d8bbwe
Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe

# Misceláneo:

[?] AntiVirus Software: ESET
[?] AntiVirus Software: Kaspersky
[?] AntiVirus Software: Malwarebytes
[?] AntiVirus Software: Windows Defender
[?] Se borraron los registros del Visor de eventos
[?] Se cancelaron todos los trabajos en la cola de transferencia

HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity
    Enabled    REG_DWORD    0x1


HKLM\Software\Microsoft\Windows Defender\Exclusions
    DisableAutoExclusions    REG_DWORD    0x1

HKLM\Software\Microsoft\Windows Defender\Exclusions\Extensions

HKLM\Software\Microsoft\Windows Defender\Exclusions\IpAddresses

HKLM\Software\Microsoft\Windows Defender\Exclusions\Paths
    F:\OInstall.exe    REG_DWORD    0x0
    C:\Users\USUARIO\AppData\Local\Temp\files    REG_DWORD    0x0
    C:\Program Files (x86)\UsbFix    REG_DWORD    0x0

HKLM\Software\Microsoft\Windows Defender\Exclusions\Processes

HKLM\Software\Microsoft\Windows Defender\Exclusions\TemporaryPaths

___

C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25060.7-0
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\DAX3API.exe.12108.dmp
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\DAX3API.exe.4172.dmp
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\DAX3API.exe.4248.dmp
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\DAX3API.exe.4296.dmp
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\DAX3API.exe.9528.dmp
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelAudioService.exe.4172.dmp
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelAudioService.exe.4336.dmp
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\IntelAudioService.exe.4456.dmp
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\LenovoVantageService.exe.7172.dmp
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\wuauclt.exe.2428.dmp


*************************** EOF DNB **************************

FRST.txt (24,8 KB)

Addition.txt (32,3 KB)

Hello @mario006. Sorry for the delay. Lately I haven't had much free time because of various personal matters. I reviewed your logs and found nothing abnormal. The logs are clean.

Could you describe which problems persist? I don't fully understand what the problem with the icons was. The Start menu you shared looks normal.

Ah, now I understand.

Could you read the following and see if it helps?

This problem is probably due to a corrupted icon cache, which can be fixed by deleting the cache file and restarting the computer. If that doesn't work, check the File Explorer options to make sure thumbnails are enabled, or try changing the display settings.

This video shows how to fix icon cache problems in Windows 10: https://www.youtube.com/watch?v=4OQ8ob2by8c

Finally, make sure this option is enabled: Show thumbnails instead of icons.
