I have a double-accent ("doble tilde") virus

Hi,

I'm getting in touch because I have a double-accent virus that I can't manage to remove. I have tried to locate it by following instructions from this forum and trying a thousand options, and I can't manage to remove or detect it. I would love to get some kind of help. Thank you very much.

I'm attaching the Farbar Recovery Scan Tool reports:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 06-10-2023
Ejecutado por AnaSa (administrador) sobre DESKTOP-F3CT8BD (ASUS System Product Name) (07-10-2023 14:56:50)
Ejecutado desde C:\Users\AnaSa\OneDrive\Escritorio\FRST64.exe
Perfiles cargados: AnaSa
Plataforma: Microsoft Windows 10 Pro Versión 22H2 19045.3448 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe ->) (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [Archivo no firmado] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(C:\Users\AnaSa\AppData\Local\Discord\app-1.0.9018\Discord.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <22>
(D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) D:\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(D:\hamachi-2-ui.exe ->) (LogMeIn, Inc. -> LogMeIn, Inc.) D:\LMIGuardianSvc.exe
(D:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(D:\x64\hamachi-2.exe ->) (LogMeIn, Inc. -> LogMeIn, Inc.) D:\x64\LMIGuardianSvc.exe
(Discord Inc. -> Discord Inc.) C:\Users\AnaSa\AppData\Local\Discord\app-1.0.9018\Discord.exe <6>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (RealDefense, LLC -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Skutta, Kristjan -> ) D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(LogMeIn, Inc. -> LogMeIn Inc.) D:\hamachi-2-ui.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(services.exe ->) (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn Inc.) D:\x64\hamachi-2.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8c8de08a85de4474\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3022640 2023-09-25] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\hamachi-2-ui.exe [7039464 2022-05-18] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Run: [Discord] => C:\Users\AnaSa\AppData\Local\Discord\Update.exe [1525016 2023-01-13] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Run: [Steam] => D:\Steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Run: [WallpaperEngine] => D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3050080 2023-02-13] (Skutta, Kristjan -> )
HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Run: [EpicGamesLauncher] => D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37231056 2023-10-05] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70913464 2023-10-06] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Run: [MicrosoftEdgeAutoLaunch_883AF518FC0449C529970435F69CA24A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210232 2023-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Run: [BLVYL] => C:\ProgramData\presepuesto\BLVYL.exe\presepuesto\BLVYL.exe (Ningún archivo)
HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11192552 2023-08-04] (RealDefense, LLC -> SUPERAntiSpyware)
HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Run: [] => [X]
HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\117.0.5938.134\Installer\chrmstp.exe [2023-10-05] (Google LLC -> Google LLC)

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {A40439B4-579F-496F-A897-BE1788A00725} - System32\Tasks\AviraSystemSpeedupRemoval => %comspec%  -> /C rmdir "C:\Program Files (x86)\Avira\System Speedup" /S /Q & schtasks /Delete /F /TN AviraSystemSpeedupRemoval
Task: {DA19E5B0-95C6-4597-947D-5830F9B98AA6} - System32\Tasks\BLVYL => C:\ProgramData\presepuesto\BLVYL.exe  (Ningún archivo) <==== ATENCIÓN
Task: {61EBFB45-080B-4115-A158-AF89EB382207} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {A636FB7E-47D6-4B61-95BD-5EEBF425A6ED} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "329f603b-6bb4-4308-9531-5d0653652366" --version "6.16.10662" --silent
Task: {73ADE7AB-9ED7-4B2C-9058-3BF30794CB3C} - System32\Tasks\CCleanerSkipUAC - AnaSa => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {ED333C0E-8B8E-4096-A3C4-C6450BCC7F44} - System32\Tasks\GoogleUpdateTaskMachineCore{B98DF7CF-5BC6-46F3-A637-13047CF2966E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-08] (Google LLC -> Google LLC)
Task: {3D5DDF52-4E91-41E5-BCA0-17F4FBD8AC62} - System32\Tasks\GoogleUpdateTaskMachineUA{C2142D68-8277-4FBF-9064-DC9EEF0E6286} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-08] (Google LLC -> Google LLC)
Task: {0A752DC9-460F-4B5C-8F84-40E4FAF00956} - System32\Tasks\Microsoft\Windows\Clip\wmsmrror => C:\Windows\SysWOW64\rundll32.exe [61440 2022-07-08] (Microsoft Windows -> Microsoft Corporation) -> C:\ProgramData\AccountList\VyylesAies\mciwwseAplliCCFA.dll,MAIBasicCCncpl <==== ATENCIÓN
Task: {3593DDF8-1EB1-43A9-AA2B-6F5EF28CB20B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {144B1455-EA69-405A-8FF3-2EAEE8EB64FF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4204B580-8507-4DD0-934F-BF210FB386FF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5D8836A0-C9D1-4881-A5CD-A37627AD02D1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B9E3DB25-BDB8-48C8-8258-BF0E2AB81053} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33F09D37-2AFD-409D-9C8D-DA9BBC24A42F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B4C6C40E-2A95-4DEC-BB91-3A850EA0FE68} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E442A2D6-7199-471D-BCB1-5946A667D78F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D0D42755-28A6-4EB4-A049-BC2CD2730B66} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9A2BE2D6-A633-4116-B269-0CD05EBF5939} - System32\Tasks\SUPERAntiSpyware Scheduled Task 4ebe3834-cd5a-4b08-a0d1-602682755e5b => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2021-01-09] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:4ebe3834-cd5a-4b08-a0d1-602682755e5b
Task: {04027FA6-9073-4089-9411-AB778C475E69} - System32\Tasks\SUPERAntiSpyware Scheduled Task a4f585f9-6766-4194-b760-9153fc896497 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2021-01-09] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:a4f585f9-6766-4194-b760-9153fc896497

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4ebe3834-cd5a-4b08-a0d1-602682755e5b.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task a4f585f9-6766-4194-b760-9153fc896497.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\..\Interfaces\{6122b3b0-89f6-499c-bb26-8eb309ad9ad6}: [DhcpNameServer] 46.6.113.34 212.230.135.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\AnaSa\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-07]
Edge Extension: (Avira Safe Shopping) - C:\Users\AnaSa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-10-07]
Edge Extension: (Avira Password Manager) - C:\Users\AnaSa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-10-07]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\AnaSa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-29]
Edge Extension: (Edge relevant text changes) - C:\Users\AnaSa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13]
Edge Profile: C:\Users\AnaSa\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-10-07]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2023-05-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2023-05-24] (Oracle America, Inc. -> Oracle Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\Default [2023-10-07]
CHR Notifications: Default -> hxxps://brnok.silverseeker.top; hxxps://go-fit.es; hxxps://hantabah.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Avira Password Manager) - C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-10-07]
CHR Extension: (Avira Safe Shopping) - C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-10-07]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-08-24]
CHR Extension: (Avira Navegación segura) - C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-10-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-08]
CHR Profile: C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-10-07]
CHR Profile: C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-10-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-08]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-08]
CHR Profile: C:\Users\AnaSa\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-07]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2023-10-07] (ASUSTeK Computer Inc. -> )
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [17418784 2023-10-07] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 Hamachi2Svc; D:\x64\hamachi-2.exe [3848680 2022-05-18] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9316040 2023-10-07] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [2525216 2023-10-07] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9402904 2023-09-25] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8c8de08a85de4474\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8c8de08a85de4474\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 atvi-randgrid_sr; D:\Steam\steamapps\common\Call of Duty HQ\randgrid.sys [2786712 2023-09-28] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
R3 EnigmaFileMonDriver; C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys [84032 2023-10-07] (Microsoft Windows Hardware Compatibility Publisher -> EnigmaSoft Limited)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2022-05-18] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222288 2023-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [200104 2023-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2023-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188016 2023-10-07] (Malwarebytes Inc. -> Malwarebytes)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [18160 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [15600 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [21460800 2023-09-25] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55856 2023-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [572712 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-10-07 14:48 - 2023-10-07 14:56 - 000000000 ____D C:\FRST
2023-10-07 14:12 - 2023-10-07 14:13 - 000000000 ____D C:\Program Files\CCleaner
2023-10-07 14:12 - 2023-10-07 14:12 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-10-07 14:12 - 2023-10-07 14:12 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-07 14:12 - 2023-10-07 14:12 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - AnaSa
2023-10-07 14:12 - 2023-10-07 14:12 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-07 14:12 - 2023-10-07 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-10-07 14:10 - 2023-10-07 14:10 - 000003454 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupRemoval
2023-10-07 14:10 - 2023-10-07 14:10 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2023-10-07 14:06 - 2023-10-07 14:06 - 000000000 ____D C:\Users\AnaSa\AppData\LocalLow\IGDump
2023-10-07 14:00 - 2023-10-07 14:00 - 000000000 ____D C:\Users\Public\Security Sessions
2023-10-07 13:58 - 2023-10-07 14:10 - 011021672 _____ C:\Windows\system32\rtp.db
2023-10-07 13:58 - 2023-10-07 13:58 - 000000000 ____D C:\Windows\SysWOW64\statReporter
2023-10-07 13:58 - 2023-10-07 13:58 - 000000000 ____D C:\Users\AnaSa\AppData\Local\AviraWebView2Cache
2023-10-07 13:57 - 2023-10-07 14:10 - 000000000 ____D C:\Program Files (x86)\Avira
2023-10-07 13:57 - 2023-10-07 14:00 - 000000000 ____D C:\Users\AnaSa\AppData\Local\Avira
2023-10-07 13:55 - 2023-10-07 13:55 - 000188016 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-10-07 12:57 - 2023-10-07 13:00 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2023-10-07 12:12 - 2023-10-07 12:12 - 000001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk
2023-10-07 12:12 - 2023-10-07 12:12 - 000000000 ____D C:\sh5ldr
2023-10-07 12:12 - 2023-10-07 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2023-10-07 12:12 - 2023-10-07 12:12 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2023-10-07 12:11 - 2023-10-07 12:11 - 000000000 ____D C:\Program Files\EnigmaSoft
2023-10-07 11:49 - 2023-10-07 12:09 - 000000542 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task a4f585f9-6766-4194-b760-9153fc896497.job
2023-10-07 11:49 - 2023-10-07 12:09 - 000000542 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4ebe3834-cd5a-4b08-a0d1-602682755e5b.job
2023-10-07 11:49 - 2023-10-07 11:49 - 000003782 _____ C:\Windows\system32\Tasks\SUPERAntiSpyware Scheduled Task 4ebe3834-cd5a-4b08-a0d1-602682755e5b
2023-10-07 11:49 - 2023-10-07 11:49 - 000003700 _____ C:\Windows\system32\Tasks\SUPERAntiSpyware Scheduled Task a4f585f9-6766-4194-b760-9153fc896497
2023-10-07 11:49 - 2023-10-07 11:49 - 000000000 ____D C:\Users\AnaSa\AppData\Roaming\SUPERAntiSpyware.com
2023-10-07 11:48 - 2023-10-07 11:49 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2023-10-07 11:48 - 2023-10-07 11:48 - 000000000 ____D C:\Users\AnaSa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2023-10-07 11:48 - 2023-10-07 11:48 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2023-10-07 11:14 - 2023-10-07 13:56 - 000000000 ____D C:\Users\AnaSa\AppData\Local\Malwarebytes
2023-10-07 11:14 - 2023-10-07 11:14 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-10-07 11:14 - 2023-10-07 11:14 - 000000000 ____D C:\Users\AnaSa\AppData\Local\mbam
2023-10-07 11:14 - 2023-10-07 11:14 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-10-07 11:14 - 2023-10-07 11:14 - 000000000 ____D C:\Program Files\Malwarebytes
2023-10-06 20:13 - 2023-10-06 20:13 - 000000000 ____D C:\Program Files\Epic Games
2023-10-06 20:06 - 2023-10-06 20:06 - 000000000 ____D C:\Users\AnaSa\AppData\Local\Deceit2
2023-10-06 19:59 - 2023-10-06 19:59 - 000003546 _____ C:\Windows\system32\Tasks\BLVYL
2023-10-06 19:58 - 2023-10-07 13:05 - 000000000 ____D C:\Users\AnaSa\AppData\Roaming\Kixirapp
2023-10-06 19:58 - 2023-10-06 19:58 - 000000000 ____D C:\Users\AnaSa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kixirapp
2023-10-03 01:25 - 2023-10-03 01:25 - 000000000 ____D C:\Users\AnaSa\AppData\LocalLow\Total Mayhem Games
2023-09-17 20:46 - 2023-09-17 20:46 - 000077575 _____ C:\Users\AnaSa\Downloads\Black Doodle Coloring Student Introduction All About Me Worksheet.pdf
2023-09-17 20:39 - 2023-09-17 20:39 - 000507953 _____ C:\Users\AnaSa\Downloads\FREEdownloadAllAboutMeIceBreakerWorksheetKindergarten1stGrade-1.pdf
2023-09-16 14:30 - 2023-09-16 14:30 - 000097967 _____ C:\Users\AnaSa\Downloads\grammarism-present-simple-test-2-1212018.pdf
2023-09-16 14:29 - 2023-09-16 14:29 - 000097880 _____ C:\Users\AnaSa\Downloads\grammarism-present-simple-test-1-1048175.pdf
2023-09-15 20:39 - 2023-09-15 20:39 - 000141601 _____ C:\Users\AnaSa\Downloads\vida_laboral.pdf
2023-09-15 15:12 - 2023-09-03 23:47 - 001488008 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-09-15 15:12 - 2023-09-03 23:47 - 001227400 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-09-15 15:12 - 2023-09-03 23:47 - 000849088 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-09-15 15:12 - 2023-09-03 23:47 - 000849088 _____ C:\Windows\system32\vulkaninfo.exe
2023-09-15 15:12 - 2023-09-03 23:47 - 000713920 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-09-15 15:12 - 2023-09-03 23:47 - 000713920 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-09-15 15:12 - 2023-09-03 23:47 - 000653504 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-09-15 15:12 - 2023-09-03 23:47 - 000653504 _____ C:\Windows\system32\vulkan-1.dll
2023-09-15 15:12 - 2023-09-03 23:47 - 000637120 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-09-15 15:12 - 2023-09-03 23:47 - 000637120 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-09-15 15:12 - 2023-09-03 23:45 - 000939144 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2023-09-15 15:12 - 2023-09-03 23:45 - 000669320 _____ C:\Windows\system32\nvofapi64.dll
2023-09-15 15:12 - 2023-09-03 23:45 - 000503928 _____ C:\Windows\SysWOW64\nvofapi.dll
2023-09-15 15:12 - 2023-09-03 23:44 - 012066424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-09-15 15:12 - 2023-09-03 23:44 - 002168456 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-09-15 15:12 - 2023-09-03 23:44 - 001621624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-09-15 15:12 - 2023-09-03 23:44 - 001537656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-09-15 15:12 - 2023-09-03 23:44 - 001195128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-09-15 15:12 - 2023-09-03 23:44 - 000992376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2023-09-15 15:12 - 2023-09-03 23:44 - 000777336 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2023-09-15 15:12 - 2023-09-03 23:44 - 000459384 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2023-09-15 15:12 - 2023-09-03 23:43 - 014520440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-09-15 15:12 - 2023-09-03 23:43 - 006190728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-09-15 15:12 - 2023-09-03 23:43 - 005845640 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-09-15 15:12 - 2023-09-03 23:43 - 005550728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2023-09-15 15:12 - 2023-09-03 23:43 - 003483272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-09-15 15:12 - 2023-09-03 23:43 - 000853112 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2023-09-15 15:12 - 2023-09-01 22:26 - 000108122 _____ C:\Windows\system32\nvinfo.pb
2023-09-15 14:27 - 2023-09-15 14:27 - 000000000 ___HD C:\$WinREAgent
2023-09-14 15:07 - 2023-09-14 15:07 - 000000000 ____D C:\Users\AnaSa\AppData\Local\NEWSKILLControlCenter
2023-09-14 13:08 - 2023-09-14 13:08 - 000000000 ____D C:\Users\AnaSa\.afirma
2023-09-14 13:08 - 2023-09-14 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoFirma
2023-09-14 13:08 - 2023-09-14 13:08 - 000000000 ____D C:\Program Files\AutoFirma
2023-09-14 13:07 - 2023-09-14 13:08 - 111839544 _____ C:\Users\AnaSa\Downloads\AutoFirma64.zip
2023-09-14 13:05 - 2023-09-15 20:34 - 000000000 ____D C:\Users\AnaSa\.fnmt
2023-09-14 13:05 - 2023-09-14 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ConfiguradorFnmt
2023-09-14 13:05 - 2023-09-14 13:05 - 000000000 ____D C:\Program Files\ConfiguradorFnmt
2023-09-14 13:04 - 2023-09-14 13:04 - 051381392 _____ C:\Users\AnaSa\Downloads\Configurador_FNMT_4.0.2_64bits.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2023-10-07 14:56 - 2023-02-08 22:36 - 000000000 ____D C:\Users\AnaSa\AppData\Local\Discord
2023-10-07 14:36 - 2023-02-08 23:31 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-07 14:36 - 2022-07-08 01:50 - 000000000 ____D C:\Windows\SystemTemp
2023-10-07 14:15 - 2023-07-11 17:05 - 000000000 ____D C:\Users\AnaSa\AppData\Local\LogMeIn Hamachi
2023-10-07 14:15 - 2023-07-09 19:45 - 000000000 ____D C:\Windows\Minidump
2023-10-07 14:15 - 2023-03-12 00:04 - 000000000 ____D C:\Users\AnaSa\AppData\Local\CrashDumps
2023-10-07 14:15 - 2023-02-06 17:57 - 000000000 ____D C:\Windows\Panther
2023-10-07 14:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-10-07 14:10 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-10-07 14:02 - 2023-02-08 17:29 - 001772862 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-07 14:02 - 2019-12-07 16:56 - 000788342 _____ C:\Windows\system32\perfh00A.dat
2023-10-07 14:02 - 2019-12-07 16:56 - 000155730 _____ C:\Windows\system32\perfc00A.dat
2023-10-07 14:00 - 2023-02-08 17:33 - 000000000 ____D C:\Users\AnaSa\AppData\Local\D3DSCache
2023-10-07 13:58 - 2023-02-09 00:11 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2023-10-07 13:56 - 2023-02-08 22:36 - 000000000 ____D C:\Users\AnaSa\AppData\Roaming\discord
2023-10-07 13:56 - 2023-02-08 17:29 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-07 13:55 - 2023-02-06 17:57 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2023-10-07 13:55 - 2023-02-06 17:57 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2023-10-07 13:55 - 2023-02-06 17:57 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-07 13:55 - 2023-02-06 17:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-07 13:55 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-07 13:55 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-10-07 13:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-10-07 12:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-10-07 12:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-07 11:48 - 2023-02-06 17:57 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-07 11:22 - 2023-03-05 22:07 - 000000000 ____D C:\Users\AnaSa\AppData\Roaming\uTorrent Web
2023-10-07 11:10 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2023-10-07 11:10 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-10-07 00:02 - 2023-02-06 17:57 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-10-06 21:45 - 2023-02-10 00:21 - 000000000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\NotAllowedUnattendedBugReports
2023-10-06 21:45 - 2023-02-08 23:40 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-06 21:45 - 2023-02-08 22:50 - 000000000 ____D C:\ProgramData\Riot Games
2023-10-06 20:16 - 2023-04-24 21:39 - 000000000 ____D C:\Users\AnaSa\AppData\Local\Epic Games
2023-10-06 20:06 - 2023-02-09 00:12 - 000000000 ____D C:\Users\AnaSa\AppData\Local\UnrealEngine
2023-10-06 19:46 - 2023-04-24 21:38 - 000000811 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-10-05 14:16 - 2023-05-24 22:33 - 002709096 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-10-05 14:16 - 2023-05-24 22:33 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-10-05 14:16 - 2023-05-24 22:33 - 000210536 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-10-05 14:16 - 2023-05-24 22:33 - 000181864 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-10-05 14:16 - 2023-05-24 22:33 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-10-05 14:16 - 2023-05-24 22:33 - 000095736 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-10-05 14:16 - 2023-05-24 22:33 - 000075360 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-10-05 14:14 - 2023-02-06 17:57 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-10-03 15:39 - 2023-02-08 17:28 - 000000000 ____D C:\Users\AnaSa
2023-09-27 14:21 - 2023-02-08 22:56 - 000000000 ____D C:\Program Files\Riot Vanguard
2023-09-26 02:03 - 2023-07-11 17:09 - 000000000 ____D C:\Users\AnaSa\AppData\Roaming\StardewValley
2023-09-24 18:07 - 2023-03-12 19:22 - 000000000 ____D C:\Users\AnaSa\Zomboid
2023-09-21 14:40 - 2023-02-08 17:29 - 000000000 ____D C:\ProgramData\Packages
2023-09-19 13:31 - 2023-02-08 23:31 - 000003992 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{C2142D68-8277-4FBF-9064-DC9EEF0E6286}
2023-09-19 13:31 - 2023-02-08 23:31 - 000003868 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{B98DF7CF-5BC6-46F3-A637-13047CF2966E}
2023-09-16 15:34 - 2023-02-08 22:45 - 000000000 ____D C:\Users\AnaSa\AppData\Local\Steam
2023-09-15 20:43 - 2023-02-06 17:57 - 000438912 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-15 20:42 - 2019-12-07 16:59 - 000000000 ___SD C:\Windows\system32\AppV
2023-09-15 20:42 - 2019-12-07 16:59 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-15 20:42 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-09-15 20:42 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-09-15 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-09-15 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-09-15 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-09-15 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-09-15 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-09-15 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-09-15 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-09-15 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-09-15 15:17 - 2023-02-08 17:30 - 000000000 ____D C:\Users\AnaSa\AppData\Local\NVIDIA
2023-09-15 15:14 - 2023-02-08 17:29 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-09-15 14:31 - 2023-02-06 18:01 - 003014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-09-15 14:25 - 2023-02-10 12:09 - 000000000 ____D C:\Windows\system32\MRT
2023-09-15 14:23 - 2023-02-10 12:09 - 177941912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-09-14 13:13 - 2023-05-24 22:33 - 000000000 ____D C:\XboxGames

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-10-2023
Ejecutado por AnaSa (07-10-2023 14:57:26)
Ejecutado desde C:\Users\AnaSa\OneDrive\Escritorio
Microsoft Windows 10 Pro Versión 22H2 19045.3448 (X64) (2023-02-06 15:59:47)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-2293580722-2630180928-2826860554-500 - Administrator - Disabled)
AnaSa (S-1-5-21-2293580722-2630180928-2826860554-1001 - Administrator - Enabled) => C:\Users\AnaSa
DefaultAccount (S-1-5-21-2293580722-2630180928-2826860554-503 - Limited - Disabled)
Invitado (S-1-5-21-2293580722-2630180928-2826860554-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2293580722-2630180928-2826860554-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

AutoFirma (HKLM\...\AutoFirma) (Version: 1.8.2 - Gobierno de España)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
Configurador FNMT (HKLM\...\ConfiguradorFnmt) (Version: 4.0.2 - FNMT-RCM)
Discord (HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Discord) (Version: 1.0.9010 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1B2C15AF-153C-4DA3-B1D0-1E3F5CA0D673}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.134 - Google LLC)
Java 8 Update 351 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Java(TM) SE Development Kit 20.0.1 (64-bit) (HKLM\...\{7B8A7BC9-611D-5E97-AE51-BB62567FFB9F}) (Version: 20.0.1.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{B49685C9-32FA-4194-A43F-DAF6BD60F2EC}) (Version: 2.3.0.78 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.3.0.78 - LogMeIn, Inc.)
Malwarebytes version 4.6.4.286 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.4.286 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{5c75eda4-d029-43bf-a70b-a73d380f52ee}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 537.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 537.34 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.4 - The qBittorrent project)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.15.13.318 - EnigmaSoft Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1256 - SUPERAntiSpyware.com)
The Sims 4 Digital Deluxe Edition MULTi17 - ElAmigos versión 1.92.145 (HKLM-x32\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.92.145 - EA Games)
VALORANT (HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)

Packages:
=========
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-03-21] (Microsoft Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.62.8.0_x64__6rarf9sa4v8jt [2023-09-26] (Disney)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.3.7.0_x64__8wekyb3d8bbwe [2023-09-12] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-09-15] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0 [2023-10-01] (Spotify AB) [Startup Task]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2023-08-30] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2023-08-30] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8c8de08a85de4474\nvshext.dll [2023-09-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\AnaSa\OneDrive\Escritorio\Ana - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Módulos cargados (Lista blanca) =============


==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\NotAllowedUnattendedBugReports:5E1E912DBE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\NotAllowedUnattendedBugReports:AC55BD64A0 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [3442]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll [2023-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll [2023-05-24] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 46.6.113.34 - 212.230.135.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKU\S-1-5-21-2293580722-2630180928-2826860554-1001\...\StartupApproved\Run: => "utweb"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{AB0F5126-5F07-4334-8F82-DCAD324D16CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{046D7CE0-1AEF-4660-B067-1DDB435607A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C82215C4-72F8-498B-BF79-6827CC2C5BE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BB894B68-3897-4813-81B1-C2230DD89533}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{565B09E0-C6FF-4756-A763-C9F51A82A1D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{63E14BA0-1197-4DD1-84BD-B67FADCC32B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4542A813-84FB-4690-8FA4-06173F5A4967}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E39EC8CF-A5AF-45B2-B854-F4A8134DB788}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B935F0D3-60DA-4831-8CB4-6EBF6303937A}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{60CC6969-F08E-4F92-ACF0-B9A60C861EDD}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C2FE4E53-5E99-4B53-BE32-F45A7AC1B695}] => (Allow) D:\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [Archivo no firmado]
FirewallRules: [{F77097E1-EA03-434B-92F3-35110C223DA4}] => (Allow) D:\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [Archivo no firmado]
FirewallRules: [TCP Query User{C2F9F225-AED9-4EAF-9FAB-7B0A0094B04D}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{1A3A4A0B-2959-4814-A528-480EAAF197B1}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{39C9B488-64D5-442B-A26C-ABE3B5E0661F}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{8D52573C-1EAF-42CA-A503-0E1039DB0CDA}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{020C95EC-F2CD-422F-9992-F37193AB6CEB}] => (Allow) D:\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{41511434-B8BB-45DB-98A4-E3304891C220}] => (Allow) D:\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{531EC91C-5822-4AAF-A6EB-8D85D125A6A1}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{F4E669E5-E42D-4BAB-AAFE-7B85BC9AA8A5}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{8DA65870-166C-4F9E-8C3B-9F2A0C64C2CF}] => (Allow) C:\Users\AnaSa\AppData\Roaming\uTorrent Web\utweb.exe => Ningún archivo
FirewallRules: [{5952429B-6B7B-4E23-817F-AC3F002A2354}] => (Allow) C:\Users\AnaSa\AppData\Roaming\uTorrent Web\utweb.exe => Ningún archivo
FirewallRules: [TCP Query User{EC0C67C3-4250-453A-A934-2A2C63DC3EFF}D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{CEDB9A57-F4DC-424F-839D-0468F7867A04}D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [{0E81B394-630E-458D-9568-2D6C5985B971}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [Archivo no firmado]
FirewallRules: [{18F59EE5-8C68-4509-8E14-E32E6A1D4987}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{BA2A4754-3DC5-463A-AF38-0688231154F3}D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{A192A25C-5A72-4935-A9B5-C68F0C23EA90}D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{DEA63492-71C9-461C-8ED9-F597FB22E791}D:\demonologist\demonologist\shivers\binaries\win64\shivers-win64-shipping.exe] => (Allow) D:\demonologist\demonologist\shivers\binaries\win64\shivers-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{1D5802CF-BB3C-4E4D-8FDB-B2D4DB4411EB}D:\demonologist\demonologist\shivers\binaries\win64\shivers-win64-shipping.exe] => (Allow) D:\demonologist\demonologist\shivers\binaries\win64\shivers-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{0C835E9F-DD0C-45CD-A37F-5B6644A203D6}C:\users\anasa\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\anasa\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{2CECD216-A47C-473B-AD36-8FC4F980B68E}C:\users\anasa\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\anasa\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{B8F11FB1-02F2-43A3-9C4F-1D1B28ED080B}C:\program files\java\jdk-20\bin\javaw.exe] => (Allow) C:\program files\java\jdk-20\bin\javaw.exe
FirewallRules: [UDP Query User{B1B99D91-8730-47D4-A658-8B3D4EBF5875}C:\program files\java\jdk-20\bin\javaw.exe] => (Allow) C:\program files\java\jdk-20\bin\javaw.exe
FirewallRules: [{2ADE9562-5096-4335-9477-AD01897245F4}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Ningún archivo
FirewallRules: [{716734DF-097C-46A8-8782-9D2A095CC498}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Ningún archivo
FirewallRules: [{04B56154-4501-4AF9-B4B9-1ED1B5B3583D}] => (Allow) D:\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [Archivo no firmado]
FirewallRules: [{135F10C7-ED10-4CD6-BA45-484593F99C1D}] => (Allow) D:\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [Archivo no firmado]
FirewallRules: [{C094A88F-4D4C-45DB-9D93-4B464813FE57}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Ningún archivo
FirewallRules: [{6E32C543-8B25-4F08-9E80-7AA2A565AC67}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Ningún archivo
FirewallRules: [{C1C833BA-4457-4D73-90FC-47EE230FA61D}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Ningún archivo
FirewallRules: [{2087D3A2-B45E-415A-8725-0F87388F2F83}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => Ningún archivo
FirewallRules: [{1872EE52-89D5-4C74-9170-69C8346273D6}] => (Allow) D:\Steam\steamapps\common\Good Pizza, Great Pizza\PizzaBusiness.exe () [Archivo no firmado]
FirewallRules: [{3C83624F-DB1C-4E04-AF00-908A44FE2032}] => (Allow) D:\Steam\steamapps\common\Good Pizza, Great Pizza\PizzaBusiness.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{C9C00705-BE37-476A-AF27-333302A6639A}C:\users\anasa\onedrive\escritorio\stardew.valley.build.7922849-pivigames.bog\stardew valley.exe] => (Allow) C:\users\anasa\onedrive\escritorio\stardew.valley.build.7922849-pivigames.bog\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [UDP Query User{5B21CE14-436E-4792-87F4-F121A7F97CA1}C:\users\anasa\onedrive\escritorio\stardew.valley.build.7922849-pivigames.bog\stardew valley.exe] => (Allow) C:\users\anasa\onedrive\escritorio\stardew.valley.build.7922849-pivigames.bog\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [{CE2DDDED-ACA6-484E-9B0F-0DBD593A48F6}] => (Block) C:\users\anasa\onedrive\escritorio\stardew.valley.build.7922849-pivigames.bog\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [{88089BE0-2B96-40D5-B0E1-EF78C9C8650B}] => (Block) C:\users\anasa\onedrive\escritorio\stardew.valley.build.7922849-pivigames.bog\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [TCP Query User{8EB6BFC0-5F41-44C5-A527-604FD187EF5A}C:\users\anasa\onedrive\escritorio\pummel.party.v1.12.1h\pummelparty.exe] => (Allow) C:\users\anasa\onedrive\escritorio\pummel.party.v1.12.1h\pummelparty.exe => Ningún archivo
FirewallRules: [UDP Query User{6D2F4F4F-7485-4AFA-AC3B-EF212705F667}C:\users\anasa\onedrive\escritorio\pummel.party.v1.12.1h\pummelparty.exe] => (Allow) C:\users\anasa\onedrive\escritorio\pummel.party.v1.12.1h\pummelparty.exe => Ningún archivo
FirewallRules: [{91009EF4-7E6B-4D3D-9579-CE32508BBE88}] => (Block) C:\users\anasa\onedrive\escritorio\pummel.party.v1.12.1h\pummelparty.exe => Ningún archivo
FirewallRules: [{E2F402BF-8498-4DB0-9478-91D39E38C0DD}] => (Block) C:\users\anasa\onedrive\escritorio\pummel.party.v1.12.1h\pummelparty.exe => Ningún archivo
FirewallRules: [{23C3CBE4-4CDF-46D9-A2DB-7AA0C3572405}] => (Allow) D:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe (Activision Publishing Inc -> )
FirewallRules: [{197AC7DA-1905-47C8-AAFA-8C83AAC9629C}] => (Allow) D:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe (Activision Publishing Inc -> )
FirewallRules: [TCP Query User{D440464E-6262-49CF-9774-59E53B61041E}C:\users\anasa\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\anasa\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [Archivo no firmado]
FirewallRules: [UDP Query User{C807D4B7-C8CB-4A27-B683-AE629562CF68}C:\users\anasa\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\anasa\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [Archivo no firmado]
FirewallRules: [{46D8F70B-9F82-4D6E-BE17-496CEE0FC726}] => (Block) C:\users\anasa\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [Archivo no firmado]
FirewallRules: [{EE0E5FAB-BB77-48EE-9310-4D72EA58B631}] => (Block) C:\users\anasa\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [Archivo no firmado]
FirewallRules: [TCP Query User{6DCD2EAA-EF5F-48C9-AE92-D4D834C45E7E}C:\users\anasa\onedrive\escritorio\phasmophobia.v0.9.0.5\phasmophobia.exe] => (Allow) C:\users\anasa\onedrive\escritorio\phasmophobia.v0.9.0.5\phasmophobia.exe => Ningún archivo
FirewallRules: [UDP Query User{7B013F46-A052-45CB-A351-671F14B37FCA}C:\users\anasa\onedrive\escritorio\phasmophobia.v0.9.0.5\phasmophobia.exe] => (Allow) C:\users\anasa\onedrive\escritorio\phasmophobia.v0.9.0.5\phasmophobia.exe => Ningún archivo
FirewallRules: [{AAC88DB9-D2F3-41E1-8A1B-7F9CDB367C9C}] => (Block) C:\users\anasa\onedrive\escritorio\phasmophobia.v0.9.0.5\phasmophobia.exe => Ningún archivo
FirewallRules: [{EADCE248-BB51-43D3-BDA1-35CC4FB6723F}] => (Block) C:\users\anasa\onedrive\escritorio\phasmophobia.v0.9.0.5\phasmophobia.exe => Ningún archivo
FirewallRules: [{74E43288-6AC0-414B-A4CE-954F394B98F7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{25BE418C-AAC7-4801-9219-644EC0864F3B}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [TCP Query User{0607B040-4A07-403A-9380-DBBFB0598648}C:\program files\configuradorfnmt\configuradorfnmt\jre\bin\javaw.exe] => (Allow) C:\program files\configuradorfnmt\configuradorfnmt\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8CC9678D-B461-40DF-BEAD-CE52F935CA53}C:\program files\configuradorfnmt\configuradorfnmt\jre\bin\javaw.exe] => (Allow) C:\program files\configuradorfnmt\configuradorfnmt\jre\bin\javaw.exe
FirewallRules: [{0AB7B920-39E7-402B-9E54-7E5452D82706}] => (Block) C:\program files\configuradorfnmt\configuradorfnmt\jre\bin\javaw.exe
FirewallRules: [{08A8E620-A918-4A27-A624-A74B0107F25E}] => (Block) C:\program files\configuradorfnmt\configuradorfnmt\jre\bin\javaw.exe
FirewallRules: [TCP Query User{3BDA282F-608B-4385-86CC-A467B8BEBEF7}D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Block) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
FirewallRules: [UDP Query User{434DAA98-71F0-468A-94E5-A64A3B8CC870}D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Block) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe
FirewallRules: [{9E6176A0-8FE5-4F0E-8028-FD2354D74E8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DEEF9A70-4074-4A64-BB73-1F86B48093B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{54509FFC-F721-42F8-B437-4B50174F8314}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E265622C-34A5-4CCC-BA2A-500A47E21EDC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{782BFAEA-2EEB-4CC7-9766-19255D235816}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4191C478-8638-4C42-A8FF-497E4DE3677E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{701F9F68-D8F0-41D8-B251-99F735200AF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{79420965-EF1D-47F3-B758-D1DCAD577614}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{640DFFBE-9B7B-47D6-AFA5-C1A8392717E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{85C98339-2476-4C3F-A1DC-764C9B272207}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{48EECE7F-6524-405E-A19B-63B08D001A1D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8C9752E0-8B6F-4F23-8424-E39D9DE806FC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{194DB947-4FDD-4F15-848D-16AACCB6FFB2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1AAB9F05-9FC2-4354-A2C3-1583AAFA32FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F398C601-A223-4C65-9C61-4D222C4A9C3A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0208143E-3F09-4BB4-9172-DB177AD2AE85}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{FD17D64A-346B-43F0-920F-46082887DE9E}C:\users\anasa\onedrive\escritorio\deceit.2.build.22092023-0xdeadc0de\deceit2\binaries\win64\deceit2game-win64-shipping.exe] => (Block) C:\users\anasa\onedrive\escritorio\deceit.2.build.22092023-0xdeadc0de\deceit2\binaries\win64\deceit2game-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{A31F4390-3C25-41C1-B632-6CD1566FD4AD}C:\users\anasa\onedrive\escritorio\deceit.2.build.22092023-0xdeadc0de\deceit2\binaries\win64\deceit2game-win64-shipping.exe] => (Block) C:\users\anasa\onedrive\escritorio\deceit.2.build.22092023-0xdeadc0de\deceit2\binaries\win64\deceit2game-win64-shipping.exe => Ningún archivo

==================== Puntos de Restauración =========================

06-10-2023 20:06:57 {2772FC49-ACE2-4CB5-9BC0-48E3825026A0}

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Controladora de cifrado/descifrado PCI
Description: Controladora de cifrado/descifrado PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (10/07/2023 01:09:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: backgroundTaskHost.exe, versión: 10.0.19041.546, marca de tiempo: 0x1d3a15e7
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.3393, marca de tiempo: 0x6b4de7c9
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x000000000012d9b2
Identificador del proceso con errores: 0x2784
Hora de inicio de la aplicación con errores: 0x01d9f90ec9d0505e
Ruta de acceso de la aplicación con errores: C:\Windows\system32\backgroundTaskHost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\KERNELBASE.dll
Identificador del informe: be77b454-054f-4348-b15a-675c9a920054
Nombre completo del paquete con errores: Microsoft.YourPhone_1.23082.131.0_x64__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: App

Error: (10/07/2023 11:16:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa mbamtray.exe (versión 4.0.0.1682) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 3d0

Hora de Inicio: 01d9f8feace126c9

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

Id. de informe: bacc4f69-6c5e-424e-b19f-8e13c515e2c7

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Cross-process

Error: (10/07/2023 11:16:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa mbam.exe (versión 4.0.0.1682) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 2f28

Hora de Inicio: 01d9f8feb1535673

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe

Id. de informe: a2dd486e-5cbd-4050-9412-0260169417ef

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Cross-process


Errores del sistema:
=============
Error: (10/07/2023 02:15:20 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-F3CT8BD)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"2147942767"
al iniciar este comando:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (10/07/2023 01:10:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (10/07/2023 01:08:50 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (10/07/2023 01:06:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-F3CT8BD)
Description: Error de DCOM "1084" al intentar iniciar el servicio camsvc con argumentos "No disponible" para ejecutar el servidor:
Windows.Internal.CapabilityAccess.CapabilityAccess

Error: (10/07/2023 01:06:52 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-F3CT8BD)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/07/2023 01:06:24 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-F3CT8BD)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/07/2023 01:06:23 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-F3CT8BD)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/07/2023 01:06:17 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-F3CT8BD)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}


Windows Defender:
================
Date: 2023-10-07 11:19:40
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.H!ml&threatid=2147814523&enterprise=0
Nombre: Trojan:Win32/Wacatac.H!ml
Id.: 2147814523
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\AnaSa\AppData\LocalLow\IGDump\ezrjnufwzodxkxvftnpdpsmskmlmybxc\omvngndoogzohykrpoozjsjlvqlmhyly.ext
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-F3CT8BD\AnaSa
Nombre de proceso: C:\Users\AnaSa\AppData\LocalLow\IGDump\ezrjnufwzodxkxvftnpdpsmskmlmybxc\ig.exe
Versión de inteligencia de seguridad: AV: 1.399.178.0, AS: 1.399.178.0, NIS: 1.399.178.0
Versión de motor: AM: 1.1.23090.2007, NIS: 1.1.23090.2007

Date: 2023-10-07 11:19:16
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.H!ml&threatid=2147814523&enterprise=0
Nombre: Trojan:Win32/Wacatac.H!ml
Id.: 2147814523
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\AnaSa\AppData\LocalLow\IGDump\djafjgeihpfmqpglmfkrxtfxonsdquqo\ulypgykrtyfwhjnqwenoxmrkdzhiwfix.ext
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-F3CT8BD\AnaSa
Nombre de proceso: C:\Users\AnaSa\AppData\LocalLow\IGDump\djafjgeihpfmqpglmfkrxtfxonsdquqo\ig.exe
Versión de inteligencia de seguridad: AV: 1.399.178.0, AS: 1.399.178.0, NIS: 1.399.178.0
Versión de motor: AM: 1.1.23090.2007, NIS: 1.1.23090.2007

Date: 2023-10-02 22:55:55
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {D66ADB99-D120-479B-96DA-5994144E595E}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-09-28 15:36:51
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {403C488C-43EF-42E1-B6F9-E71D63FD1BFA}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2023-09-24 14:18:35
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {23016607-5AFF-45FC-A929-C2555432D3DF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-10-07 13:00:10
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2023-10-07 12:57:32
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2023-08-31 12:22:21
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.397.29.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.23080.2005
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2023-07-17 18:57:29
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.393.514.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.23060.1005
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2023-07-17 13:51:33
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.393.514.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.23060.1005
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===============
Date: 2023-10-07 14:56:13
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 2803 04/27/2022
Placa base: ASUSTeK COMPUTER INC. TUF GAMING B550-PLUS
Procesador: AMD Ryzen 5 5600X 6-Core Processor 
Porcentaje de memoria en uso: 55%
RAM física total: 16265.3 MB
RAM física disponible: 7252.07 MB
Virtual total: 27529.3 MB
Virtual disponible: 14950.08 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:222.92 GB) (Free:100.85 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive d: (Nuevo vol) (Fixed) (Total:931.5 GB) (Free:489.93 GB) (Model: KIOXIA-EXCERIA G2 SSD) NTFS

\\?\Volume{4296c4fe-2894-47e3-a8e1-fe4ab9524556}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{bd90e6a8-f7fd-45d1-b911-59bf92c13e49}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

Hello @zorro68, welcome to the forum. Since you are new, I recommend that you read its policies. Not because you have done anything wrong, but so that you know more about how the forum works.

I need FRST logs that are as fresh as possible… so:

SEARCHING FOR / REMOVING MALWARE

1) Disable your antivirus → How to temporarily disable an antivirus and any security program you have enabled.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and nowhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the version that matches your computer's architecture (32 or 64 bits). → How do I know whether my Windows is 32 or 64 bits?

⚠ Once FRST is downloaded, disconnect your computer completely from the Internet (turn off the router) >> Super important. Right after that, also close any other program you have open.

2) Farbar Recovery Scan Tool

  1. Run FRST.exe (if you use Windows Vista/7/8 or 10, right-click and select Ejecutar como Administrador, i.e. Run as administrator).

  2. A window with a Disclaimer/Responsabilidad message will appear; click Si or Yes.

  3. In the program's main window, click Analizar/Scan and wait for the scan to finish.

  4. Two logs/reports will appear: Frst.txt and Addition.txt; they will be saved on the desktop.

3) Re-enable your antivirus and any security program you had enabled. Also reconnect your computer to the Internet.

4) NEXT REPLY

Paste the FRST.txt and Addition.txt reports. You must post both reports in full, with absolutely all of their content. You will need to split them across several messages if you get an error/warning message saying that the report is too long for a single message (more than approx. 50,000 characters).

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not take any steps/actions that WE have not told you to take.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (Antivirus, Antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it following our instructions.

⚠ Very important ⚠ Post the different reports I have asked you for as shown in the following image:

Regards.

Hello @anaclawdor

Have you been able to make any progress on what I asked/mentioned?

Let me know.

Regards.

P.S.: If you do not reply in this topic, it will be closed automatically in 4 days.

This topic was automatically closed after 28 days. New replies are no longer allowed.