Hola vuelvo a este gran foro a pedir la excelente ayuda que brindáis siempre. Después de bastante tiempo. Un saludo a todos, veo que seguís al pie del cañón, eso es bueno. Resulta, esta vez, que mi pc con Windows 11 me ha empezado a hacer cosas raras, desde que descargué un archivo, de dudosa procedencia, para instalar un programa. Abro unas cuantas carpetas, para hacer tareas y al rato como 5 minutos o así salta un pantallazo, se me va la barra de inicio y vuelve a ponerse y se cierran solas todas las que llevara en ese momento y ha entrado en bucle. Basta que las abra otra vez para que se me vuelvan a cerrar al rato. También he notado que la rapidez descargando archivos ha menguado no se si será por esto mismo. Y al querer descomprimir una ISO con el WinRar tarda siglos. Cuando mi pc ha ido bastante fluido los últimos meses. No es mucha cosa pero molesta bastante. Espero que se pueda solucionar. Gracias de antemano.
1 me gusta
Hola @canalfam
Bienvenido al foro, te recomiendo leer
Realiza los siguientes pasos:
(Mantén conectados todos tus dispositivos externos que tengas como: USBs, discos duros externos, etc).
Por favor, descarga todo el software de los enlaces que pongo/de sus respectivos manuales.
Ahora ejecutarás una serie de herramientas respetando el orden los pasos con todos los programas cerrados incluidos los navegadores.
Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas y discos duros externos si también tienes.
Realiza los pasos que te pongo a continuación, sin cambiar el orden y síguelos al pie de la letra:
0) Descarga Ccleaner . Aquí te dejo su manual: Manual de CCleaner , para que sepas como usarlo y configurarlo correctamente.
Lo instalas y lo ejecutas. En la pestaña Limpieza personalizada dejas la configuración predeterminada. Haces clic en Analizar y esperas a que termine. Seguidamente haz clic en Ejecutar Limpiador. Clic en la pestaña Registro > clic en Buscar Problemas esperas que termine. Finalmente clic en Reparar Seleccionadas y realizas una Copia de Seguridad del registro de Windows.
1) Descarga, instala, actualiza y ejecuta Malwarebytes’ Anti-Malware. Aquí te dejo su manual: Manual de Malwarebytes , para que sepas como usarlo y configurarlo correctamente.
- Realizas un Análisis Personalizado, marcando Todas las casillas (menos la que dice analizar rootkits) de la Derecha y de la Izquierda, actualizando si te lo pide. Es decir: conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas y marcas todas las unidades de disco disponibles y las siguientes casillas:
- Analizar objetos en memoria
- Analizar configuracion de inicio y registro
- Analizar dentro de los archivos
- Pulsar en “Eliminar Seleccionados” para enviar las infecciones a la cuarentena y Reinicias el ordenador.
- Para acceder posteriormente al informe del análisis te diriges a: Informes >> Registro de análisis >> pulsas en Exportar >> Copiar al Portapapeles y pones el informe en tu próxima respuesta.
2) Descarga Adwcleaner en el escritorio.
- Desactiva tu antivirus
Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado. - Ejecuta Adwcleaner.exe (Si usas Windows Vista/7/8 u 10 presiona clic derecho y selecciona “Ejecutar como Administrador.”)
- Pulsar en el botón Analizar Ahora, y espera a que se termine el análisis. Inmediatamente pulsa sobre el botón Iniciar Reparación.
- Espera a que termine y sigue las instrucciones que te aparezcan. Si te pidiera Reiniciar, pues reinicias el ordenador pulsando en Aceptar.
- Si no encuentra nada, pulsa en Omitir Reparación.
- El log lo encontrarás en la pestaña Informes, volviendo a abrir el programa, si es necesario o en la siguiente ubicación: C:\AdwCleaner\Logs\AdwCleaner[C0].txt.
- Para más información aquí te dejo su manual: Manual de Adwcleaner .
- Activa de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.
3) Utiliza nuevamente CCleaner tal como te dije en el punto 0.
Pegas los reportes de Malwarebytes y AdwCleaner y comentas como va el problema inicial planteado por el cual abriste este tema. También responde a las preguntas que te haya realizado a lo largo de este Post, siempre que te haya hecho alguna, si no, no
NOTA IMPORTANTE
Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:
- No realices pasos/acciones que NOSOTROS no te hayamos indicado.
- No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
- No instales NADA (programas/software/complementos/extensiones del navegador…).
- No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
- No realices por tu cuenta otros procedimientos.
- Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.
Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:
Salu2.
Hola buenas tardes he realizado los procedimientos pero me sigue sucediendo lo mismo. Adjunto los reportes.
# -------------------------------
# Malwarebytes AdwCleaner 8.4.1.0
# -------------------------------
# Build: 01-29-2024
# Database: 2024-01-29.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-19-2024
# Duration: 00:00:00
# OS: Windows 11 (Build 22631.3155)
# Cleaned: 5
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Tencent
Deleted C:\Users\bilun\AppData\Local\Tencent
Deleted C:\Users\bilun\AppData\Roaming\Tencent
Deleted C:\Users\bilun\AppData\Roaming\mipony
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1758 octets] - [19/02/2024 17:25:51]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 19/2/24
Hora del análisis: 11:55
Archivo de registro: 58a9209a-cf15-11ee-9aa4-04e8b97cd741.json
-Información del software-
Versión: 4.6.8.311
Versión de los componentes: 1.0.2259
Versión del paquete de actualización: 1.0.81151
Licencia: Prueba
-Información del sistema-
SO: Windows 11 (Build 22631.3155)
CPU: x64
Sistema de archivos: NTFS
Usuario: Pcnuevodani\bilun
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 252878
Amenazas detectadas: 13
Amenazas en cuarentena: 0
Tiempo transcurrido: 52 min, 23 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 1
PUP.Optional.BundleInstaller, C:\USERS\BILUN\APPDATA\ROAMING\UTORRENT WEB\UTWEB.EXE, Sin acciones por parte del usuario, 89, 1207153, , , , , 917C35591CAA55020FDAF170FEA524CE, 4B7D89B7D86635718E2482B29EF7834D56EEBC6722DF1BD25365B65B3222FAB7
Módulo: 1
PUP.Optional.BundleInstaller, C:\USERS\BILUN\APPDATA\ROAMING\UTORRENT WEB\UTWEB.EXE, Sin acciones por parte del usuario, 89, 1207153, , , , , 917C35591CAA55020FDAF170FEA524CE, 4B7D89B7D86635718E2482B29EF7834D56EEBC6722DF1BD25365B65B3222FAB7
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 1
PUP.Optional.BundleInstaller, HKU\S-1-5-21-2916687263-724568431-2313189076-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|utweb, Sin acciones por parte del usuario, 89, 1207153, , , , , ,
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 10
PUP.Optional.BundleInstaller, C:\USERS\BILUN\APPDATA\ROAMING\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk, Sin acciones por parte del usuario, 89, 1207153, , , , , BA15B173AFA7F414E46F39F7C5F1F41A, ED8D5E632766BC410425E9B3560083DE1CD6E06ABCD3A400D78EF5EE5D51C7AA
PUP.Optional.BundleInstaller, C:\USERS\BILUN\DESKTOP\uTorrent Web.lnk, Sin acciones por parte del usuario, 89, 1207153, , , , , 7218B66DEE04412AEEF9D787EEB07E93, 6E7302AD45EF4B9450B675B252B2A659AE42893F146797A1D151F035074A74A5
PUP.Optional.BundleInstaller, C:\USERS\BILUN\APPDATA\ROAMING\UTORRENT WEB\UTWEB.EXE, Sin acciones por parte del usuario, 89, 1207153, 1.0.81151, , ame, , 917C35591CAA55020FDAF170FEA524CE, 4B7D89B7D86635718E2482B29EF7834D56EEBC6722DF1BD25365B65B3222FAB7
PUP.Optional.BundleInstaller, C:\USERS\BILUN\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46904.EXE, Sin acciones por parte del usuario, 89, 1192101, 1.0.81151, , ame, , 078A33F16906087BCA73770103372A64, FA32892A5874E72B179E7C0F098E3EBF684BF1258497C0823D54AEC3408CE094
PUP.Optional.BundleInstaller, C:\USERS\BILUN\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46896.EXE, Sin acciones por parte del usuario, 89, 1182208, 1.0.81151, , ame, , 0F7CBAEE2280137BC1EEF881D0D4E54A, 2D44A0822C6C2D4344F6312AFA06FDBDE9B037C3327C877CBB3991E0158F39C8
PUP.Optional.BundleInstaller, C:\USERS\BILUN\DOWNLOADS\UTWEB_INSTALLER (3).EXE, Sin acciones por parte del usuario, 89, 1190615, 1.0.81151, , ame, , FC5D156C0F6BADDBCEC46A21FE8AE358, 5C8C6FB82E89F49A604F6CD2F49FC7FE75098CCAD3C75A3B2AA952AD8A837023
PUP.Optional.BundleInstaller, C:\USERS\BILUN\DOWNLOADS\UTWEB_INSTALLER (2).EXE, Sin acciones por parte del usuario, 89, 1190615, 1.0.81151, , ame, , 072DDB9DE8D935C11E3FA32E95DCF414, 654E9961A22777DDE15AD9C35F9DF7731591F7BE44C31D668B6F10D981551357
PUP.Optional.BundleInstaller, C:\USERS\BILUN\DOWNLOADS\UTWEB_INSTALLER (1).EXE, Sin acciones por parte del usuario, 89, 1190615, 1.0.81151, , ame, , A47CA31029AB2B1B368063C4FEF1094F, DA7B434A39A5457AADCB8D7071EC35D4E3C1CF0AB625BC41271D400404D09454
PUP.Optional.BundleInstaller, C:\USERS\BILUN\DOWNLOADS\UTORRENT-3-5-5-BUILD-46348.EXE, Sin acciones por parte del usuario, 89, 1127518, 1.0.81151, , ame, , 51B7DF10C11728E06E8DF45C128EC0DC, 5781F34BFD6F640588C91D4E068ECEA7DD09C2C8689BF1660BAA81D6EC5BF0A0
PUP.Optional.BundleInstaller, C:\USERS\BILUN\DOWNLOADS\UTWEB_INSTALLER.EXE, Sin acciones por parte del usuario, 89, 1190615, 1.0.81151, , ame, , 512FE83C35CD86653DC239BCC170547F, 5B2B8542C18D4F557D6ECA61824A9E73995BA8472E8473BEEB280F0E6DFD6068
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)Hola @canalfam
No ejecutaste malwarebytes como indique
Realizaste un análisis de amenazas
Me interesa que el análisis sea del tipo personalizado, ya que se analiza el sistema a mayor profundidad, además no eliminaste lo que el programa detecto.
Vuélvelo a ejecutar como se indica, apóyate en el manual si lo necesitas y trae el reporte
Saludos
Aquí tienes el informe, espero que ahora si sea el correcto. Sigue sucediendo lo mismo por lo visto.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 19/2/24
Hora del análisis: 20:48
Archivo de registro: eaa5445c-cf5f-11ee-890a-04e8b97cd741.json
-Información del software-
Versión: 4.6.8.311
Versión de los componentes: 1.0.2259
Versión del paquete de actualización: 1.0.81167
Licencia: Prueba
-Información del sistema-
SO: Windows 11 (Build 22631.3155)
CPU: x64
Sistema de archivos: NTFS
Usuario: Pcnuevodani\bilun
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 729292
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 1 hr, 6 min, 27 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 2
Trojan.Dropper, D:\DATOS\COSAS\NUEVA CARPETA (9)\POKESAV HGSS - ENG.EXE, En cuarentena, 27, 1192290, 1.0.81167, , ame, , F1601A9E891D63775E91FE9BED22B48D, 8B24D99376CBB776D80D368975E63AB89A95AEC2DEB325FCDA5F7C24FEA526B2
Trojan.Dropper, D:\DATOS 2DEL9\POKESAV HEART GOLD Y SOUL SILVER.EXE, En cuarentena, 27, 1192290, 1.0.81167, , ame, , F1601A9E891D63775E91FE9BED22B48D, 8B24D99376CBB776D80D368975E63AB89A95AEC2DEB325FCDA5F7C24FEA526B2
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
1 me gusta
Hola @canalfam
Ahora si esta bien ejecutado 
Realiza lo siguiente
Descarga ZHPCleaner y lo ejecutas siguiendo su manual
- Una ves que termine elimina todo lo que encuentre.
- Se abrira un reporte pegamelo en tu proxima respuesta
Descarga Eset Online Scaner Manual de Uso y realizas un análisis del PC, lee detalladamente las instrucciones y realizas un Análisis Personalizado tal y como se indica en su manual. Me traes su reporte.
Me comentas como sigue todo y me traes los reportes
Saludos
Una pregunta si hago la limpieza de navegadores que me dice? Que el que uso mas es el Edge y el Brave, cuando los abra se habrán borrado las pestañas que tengo abiertas? Por que tengo unas cuantas. O miro de administrarlas antes de hacer la limpieza con el programa Zhpcleaner? Vaya a ser que me pegue un susto después.
La verdad no estoy seguro nunca probe. Supongo que las cierra. Guarda las que necesites en tus marcadores
Saludos
Hola @canalfam
Si ahora te hago un tema nuevo, ando medio atareado no creo que agarre ese tema en particular, puede que mañana o pasado, de momento deberías cambiar tus contraseñas y activar la autenticación de doble factor para estar mas protegido.
Con respecto al tema principal, debes traer el reporte de zhp y eset y comentar como sigue todo
Saludos
Hola, aquí te dejo los informes, gracias de antemano. El problema aparentemente se ha solucionado. Pero si hay que hacer alguna limpieza/paso mas estoy a lo que me digas.
~ ZHPCleaner v2024.2.10.6 by Nicolas Coolman (2024/02/10)
~ Run by bilun (Administrator) (21/02/2024 09:53:23)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version :
~ Type : Scanner
~ Report : C:\Users\bilun\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\bilun\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point :
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 11, 64-bit (Build 22631)
---\\ Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Navegadores de Internet (3)
ENCONTRADOS carpeta: C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default\History =>.SUP.BrowserHistoric
ENCONTRADOS archivo: C:\Users\bilun\AppData\Local\BraveSoftware\Brave-BrowserUser Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
ENCONTRADOS archivo: C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
---\\ Hosts carpeta (1)
~ El archivo hosts es legítimo (21)
---\\ Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Explorador ( Archivos, Carpetas ) (1)
ENCONTRADOS carpeta: C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>ChromiumPreference
---\\ Registro ( Claves, Valores, Datos) (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Resumen de elementos en su estación de trabajo (3)
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserHistoric
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserCache
https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/ =>ChromiumPreference
---\\ Resultado de la reparación.
~ ninguna reparación hecha
~ Microsoft Edge OK
~ Brave OK
~ Microsoft Internet Explorer OK
---\\ STATISTIQUES
~ Items escaneado : 108938
~ Items encontrado : 4
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 10/18
---\\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto
~ Iniciar navegadores con extensiones eliminadas
~ End of search in 00h03mn08s
---\\ Reporte (4)
ZHPCleaner-[R]-21022024-09_42_35.txt
ZHPCleaner-[S]-19022024-23_52_31.txt
ZHPCleaner-[S]-21022024-09_35_01.txt
ZHPCleaner-[S]-21022024-09_56_31.txt21/02/2024 13:24:15
Archivos analizados: 596646
Archivos detectados: 8
Archivos desinfectados: 8
Tiempo total de análisis 02:48:38
Estado del análisis: Finalizado
C:\Program Files (x86)\AIMP3\Uninstall.exe una variante de Win32/AIMP.D aplicación potencialmente no deseada desinfectado por eliminación
C:\ProgramData\GCBGCAFIIE.exe Win32/TrojanDownloader.Amadey.A Troyano desinfectado por eliminación
C:\Users\bilun\Downloads\flashget196en.exe Win32/Bundled.Toolbar.Google.G aplicación potencialmente no segura desinfectado por eliminación
C:\Users\bilun\Downloads\FuLL_lSetup_D0wnl0aded.zip Win32/TrojanDownloader.Rugmi.AAN Troyano contenía archivos infectados
C:\Users\bilun\Downloads\GLP_installer_900223150_market (1).exe una variante de Win32/Tencent.X aplicación potencialmente no deseada desinfectado por eliminación
C:\Users\bilun\Downloads\GLP_installer_900223150_market (2).exe una variante de Win32/Tencent.X aplicación potencialmente no deseada desinfectado por eliminación
C:\Users\bilun\Downloads\GLP_installer_900223150_market (3).exe una variante de Win32/Tencent.X aplicación potencialmente no deseada desinfectado por eliminación
C:\Users\bilun\Downloads\GLP_installer_900223150_market.exe una variante de Win32/Tencent.X aplicación potencialmente no deseada desinfectado por eliminaciónHola @canalfam
Vuelve a ejecutar zhp como indica el manual ya que no eliminaste lo que detecto.
Saludos
En el tutorial de zhpcleaner sale una versión del 2018 que es diferente a la que se me ha descargado del 2024, la interfaz es diferente. Cuando termina de hacer el scanner, no me sale como en el tutorial, se me abren unas pestañas en el navegador aparte. He de realizar, lo que indica cada pestaña, para solucionar cada elemento detectado?(en total 7). O me intento descargar la versión anterior?
Actualizo: Hay una proceso que quiere realizar ZHPcleaner que me detecta el antivirus Norton como sospechoso lo he mirado y pone que quiere eliminar un archivo , me ha pedido reiniciar y que después se generará el reporte.
Actualizo 2: Te envío el ultimo informe que se ha generado. Dime por favor si está bien echo o no. Y si es que no volveré a hacer lo que dice el tutorial al pie de la letra. Sin saltarme ningún paso. Seguro que algo me he dejado otra vez.
~ ZHPCleaner v2024.2.20.7 by Nicolas Coolman (2024/02/20)
~ Run by bilun (Administrator) (21/02/2024 20:58:37)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparar
~ Report : C:\Users\bilun\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\bilun\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 11, 64-bit (Build 22631)
---\\ Alternate Data Stream (ADS). (1)
MOVIDO carpeta ADS: C:\Users\bilun\Downloads\esetonlinescanner.exe:MBAM.Zone.Identifier =>.SUP.FileADS
---\\ Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Navegadores de Internet (0)
---\\ Hosts carpeta (1)
~ El archivo hosts es legítimo (21)
---\\ Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Explorador ( Archivos, Carpetas ) (4)
MOVIDO carpeta^: C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default\History =>.SUP.BrowserHistoric
MOVIDO carpeta: C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium
MOVIDO archivo: C:\Users\bilun\AppData\Local\BraveSoftware\Brave-BrowserUser Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
MOVIDO archivo: C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
---\\ Registro ( Claves, Valores, Datos) (1)
BORRADOS clave*: [X64] HKLM\SOFTWARE\1D0EC6DE-4A80-4CC3-A335-E6E41C951198 [] =>Adware.CrossRider
---\\ Resumen de elementos en su estación de trabajo (5)
https://nicolascoolman.eu/2018/01/04/ads-alternate-data-stream/ =>.SUP.FileADS
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserHistoric
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserCache
https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider
---\\ Limpieza adicional. (9)
~ Clave de registro Tracing borrados (9)
~ Quitar los antiguos informes de ZHPCleaner. (0)
---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Microsoft Edge OK
~ Brave OK
~ Microsoft Internet Explorer OK
~ El sistema ha sido reiniciado.
---\\ STATISTIQUES
~ Items escaneado : 1186
~ Items encontrado : 0
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 10/18
---\\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto
~ Iniciar navegadores con extensiones eliminadas
~ End of clean in 00h05mn39s
---\\ Reporte (6)
ZHPCleaner-[R]-21022024-09_42_35.txt
ZHPCleaner-[S]-19022024-23_52_31.txt
ZHPCleaner-[S]-21022024-09_35_01.txt
ZHPCleaner-[S]-21022024-09_56_31.txt
ZHPCleaner-[S]-21022024-20_25_19.txt
ZHPCleaner-[R]-21022024-21_04_16.txt
GRACIAS!
Hola @canalfam
Si ahora esta bien ejecutado. Si quieres podríamos mirar un poco mas para revisar si se necesita alguna que otra corrección mas o pruebas la pc y si no tiene problemas damos por solucionado el tema.
Saludos
Ok de acuerdo si se puede teminar de hacer alguna cosilla mas para asegurarse que todo correcto yo por mi si. Ya me dices el que.
Realiza lo siguiente
Desactive temporalmente su antivirus. ¿Cómo deshabilitar temporalmente su Antivirus?
Por favor, descargue Farbar Recovery Scan Tool de acuerdo a su tipo de sistema y guárdelo en el Escritorio del sistema.
- Haga clic con el botón derecho sobre él y seleccionar “Ejecutar como Administrador”, para ejecutar la herramienta con permisos de administrador.
- Cuando la herramienta se abra, haga clic en Sí para aceptar el Disclaimer/ Descargo de responsabilidad.
- Haga clic en el botón Scan (Analizar) y espere a que termine.
- La herramienta creará dos informes FRST.txt y Addition.txt ubicados en el mismo directorio desde el que se ejecuta la herramienta.
- Por favor, traiga el contenido de estos reportes en su próxima respuesta.
Saludos
Aquí están los últimos informes. Gracias nuevamente. Este es el FRST.txt
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 19.02.2024 02
Ejecutado por bilun (administrador) sobre PCNUEVODANI (Micro-Star International Co., Ltd. MS-7D91) (22-02-2024 18:56:55)
Ejecutado desde C:\Users\bilun\Desktop\FRST64.exe
Perfiles cargados: bilun
Plataforma: Microsoft Windows 11 Pro Versión 23H2 22631.3155 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.29.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.147\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.147\BraveCrashHandler64.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\121.0.2277.128\identity_helper.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> ) C:\Program Files\Dell\Dell Peripheral Manager\DPMCrashHandler.exe <2>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPM.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24012.92.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24012.92.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe <13>
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <73>
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [Archivo no firmado] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) () [Archivo no firmado] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e913f9cc84fc282c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_21e0cf0737fd48af\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.23.10.10\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.23.10.10\nsWscSvc.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_d3828c822366e497\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_aadd853bf8841644\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\bilun\AppData\Local\Microsoft\OneDrive\24.020.0128.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.40.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_aadd853bf8841644\RtkAudUService64.exe [1765176 2023-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BraveVpnWireguardService] => C:\Program Files\BraveSoftware\Brave-Browser\Application\121.1.62.165\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10928152 2024-02-14] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [C17A] => C:\WINDOWS\twain_32\Brimc17a\Common\TwDsUiLaunch.exe [103344 2019-12-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3591168 2022-10-09] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3146752 2022-02-07] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2916687263-724568431-2313189076-1003\...\Run: [MicrosoftEdgeAutoLaunch_B74858D3646CDBCFFB61C7C8C0495302] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2916687263-724568431-2313189076-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45018016 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe [2024-02-15] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\121.1.62.165\Installer\chrmstp.exe [2024-02-15] (Brave Software, Inc. -> Brave Software, Inc.)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) =================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {00180268-B579-42EE-8DFE-5134D4131DEB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {FBC927FE-A939-48DD-8CFE-147A5917BA2D} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{16DB8815-6967-43E7-8438-3486593957B5} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2024-01-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {C2C34DDA-2D62-488B-AB38-CBD51D93FBAA} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{C8729FAE-886C-40C8-B50B-30E36C32822A} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2024-01-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {58BDE5C6-F798-4142-BA37-D1D192BDD877} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8F40D7BD-6BF9-4CB8-8597-E4B40C506878} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "68f631a2-79db-4583-ba8a-e3a1bf3dc2f5" --version "6.21.10918" --silent
Task: {1101F4F2-BF5E-410D-B841-1A5DECB104EB} - System32\Tasks\CCleanerSkipUAC - bilun => C:\Program Files\CCleaner\CCleaner.exe [38778272 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {05D1A94F-F5F4-4F93-B1F8-AAC9E673E8AB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\bilun\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2024-02-21] (ESET, spol. s r.o. -> ESET)
Task: {9FBF968A-936B-40E8-83DF-4CB8DB374BEF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\bilun\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2024-02-21] (ESET, spol. s r.o. -> ESET)
Task: {B0CFE51F-FBF9-4D11-8C43-7409C7DB17B8} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{912A7F1E-DC9D-4FED-AFC5-62C4AEC018C4} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATENCIÓN
Task: {D4D3A122-8458-47E0-ACA0-F9F3660ACE5D} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {BB770880-93E6-4FCA-B7BE-F3D9DCABA499} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {7549EE38-7416-46B8-9717-2C69C4E23D40} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Ningún archivo)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Ningún archivo)
Task: {F2D14864-03CF-4EA8-A40D-1C3D73DC7F68} - System32\Tasks\Norton 360\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.23.10.10\SymErr.exe [379024 2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {5BB4A229-BF3F-41C6-B121-B8BB77F7CBE3} - System32\Tasks\Norton 360\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.23.10.10\SymErr.exe [379024 2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {0A637650-FCD4-4AC7-9361-D1539D0338ED} - System32\Tasks\Norton 360\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.23.10.10\SymErr.exe [379024 2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {2E114FF7-7F7C-4E1A-B92D-7CAD02A27BD5} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.23.10.10\WSCStub.exe [646520 2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {B134A697-DB57-49F2-9E9C-B36D406AC81C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2023-08-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5EFCD998-2EBE-47AC-91AB-56F6BD438F14} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-08-15] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A48CD668-3FA8-481D-B654-389E1C4B6D90} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B3794C43-5DA6-4154-B831-A1AC9EDD7961} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {056D667A-ECA4-42ED-BA8D-1EC3B49AE733} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10B57002-D0F6-4839-BAFD-37C402D1DBD6} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA624D77-C88A-40EB-B97D-97ABB19AF69E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4DD81AC5-ABB0-4D7D-A7DD-F51F2E039B0A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {85AE5909-0536-4E3E-AD2C-9580877FD0D9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D15D7CE5-6BA4-4937-98D0-4C4219C67A11} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360 for Gamers\Upgrade.exe [2353000 2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {08E15739-967B-44DC-9CA7-BAB001C743BC} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2023-08-03] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 100.90.1.1 100.100.1.1
Tcpip\..\Interfaces\{0e6cfa84-3785-44fc-a7fb-495bd5abc8a5}: [DhcpNameServer] 192.168.1.249 192.168.1.239
Tcpip\..\Interfaces\{14f31258-42ca-4e46-a54b-0aa438a31899}: [DhcpNameServer] 192.168.1.249
Tcpip\..\Interfaces\{22342e39-8e54-4d2c-9690-5b28c41ea653}: [DhcpNameServer] 192.168.1.249
Tcpip\..\Interfaces\{31b7da06-6b08-420d-9c88-71b2971495c4}: [DhcpNameServer] 192.168.1.249
Tcpip\..\Interfaces\{85fdb750-832f-48ba-a652-c550651a93f0}: [DhcpNameServer] 192.168.1.249
Tcpip\..\Interfaces\{9703a9bc-d087-49cc-9a88-b371cfa65283}: [DhcpNameServer] 192.168.1.249 192.168.1.239
Tcpip\..\Interfaces\{abf8a7b6-bf97-436e-b5f2-d6666521a291}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{dc422c6a-f27f-4068-a07b-4ac0eedfef79}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{dc422c6a-f27f-4068-a07b-4ac0eedfef79}: [DhcpNameServer] 100.90.1.1 100.100.1.1
Tcpip\..\Interfaces\{dc422c6a-f27f-4068-a07b-4ac0eedfef79}: [DhcpDomain] home
Tcpip\..\Interfaces\{df08507b-5ac0-4c87-a163-275a62c6de77}: [DhcpNameServer] 192.168.1.249
Tcpip\..\Interfaces\{e8d88334-3361-4d52-933f-85abd9ee7c4a}: [DhcpNameServer] 192.168.1.249 192.168.1.239
Tcpip\..\Interfaces\{f3198629-c798-4934-8d43-9d4a90c5a72b}: [DhcpNameServer] 100.90.1.1 100.100.1.1
Tcpip\..\Interfaces\{f3198629-c798-4934-8d43-9d4a90c5a72b}: [DhcpDomain] home
Tcpip\..\Interfaces\{f6f04a0b-7e96-4035-8d34-5a7f2ef98b53}: [DhcpNameServer] 192.168.1.249 192.168.1.239
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-22]
Edge Notifications: Default -> hxxps://banggood.s5.udesk.cn; hxxps://c8e41gha7a54pi4f33.kevaxj.co.in; hxxps://es.aliexpress.com; hxxps://es.newchic.com; hxxps://es.shein.com; hxxps://forospyware.com; hxxps://phtoncorking.co.in; hxxps://pivigames.blog; hxxps://rapidgator.net; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.lecturas.com; hxxps://www.lightinthebox.com; hxxps://www.telecinco.es; hxxps://www.xatakandroid.com
Edge HomePage: Default -> hxxp://www.google.es/
Edge Session Restore: Default -> está habilitado.
Edge Extension: (Documentos de Google sin conexión) - C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-24]
Edge Extension: (MyJDownloader Browser Extension) - C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ieapabanbplofifeaapjocpaogdhncdd [2023-10-26]
Edge Extension: (Surfshark VPN) - C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jkhapebnlgocjncbbfccgiepjlghehmj [2024-02-16]
Edge Extension: (Edge relevant text changes) - C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Urban VPN Proxy) - C:\Users\bilun\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nimlmejbmnecnaghgmbahmbaddhjbecg [2024-02-21]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.19 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
Brave:
=======
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-02-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-02-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\alkblaadjjijngaehljijdimckobegga [2024-02-18]
BRA Extension: (Brave NTP background images) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-02-09]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-02-21]
BRA Extension: (Wallet Data Files Updater) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-01-23]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-02-21]
BRA Extension: (Brave Ads Resources) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\elecgkckipdmnkkgndidemmdhdcdfhnp [2024-02-14]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish (plaintext))) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\fejmaeodjeekfldnbegjagemjgnmhfof [2024-02-21]
BRA Extension: (Brave Ads Resources) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\ganmbmiebelpdlnohnabgkkocholelbp [2024-02-14]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-01-23]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-01-23]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-02-21]
BRA Extension: (Brave Ad Block Updater (Adguard Spanish/Portuguese (plaintext))) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\meimhmgfbckapkbbbdaoefgnbppmkodp [2024-02-17]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-01-26]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\bilun\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2024-01-23]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [840144 2023-08-03] (ASUSTeK COMPUTER INC. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2024-01-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2024-01-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\121.1.62.165\brave_vpn_helper.exe [2806296 2024-02-14] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\121.1.62.165\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10928152 2024-02-14] (Brave Software, Inc. -> Brave Software, Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [321536 2022-01-26] (Brother Industries, Ltd.) [Archivo no firmado]
R2 DPMService; C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe [1982840 2023-10-09] (IndiLogic LLC -> Dell Inc.)
S2 GoogleUpdaterInternalService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATENCIÓN
S2 GoogleUpdaterService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATENCIÓN
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-19] (Malwarebytes Inc. -> Malwarebytes)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [154216 2023-08-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.23.10.10\NortonSecurity.exe [344888 2023-11-06] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.23.10.10\nsWscSvc.exe [1059176 2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20992824 2023-10-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2023-07-25] () [Archivo no firmado]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [807352 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [19456 2023-07-25] () [Archivo no firmado]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_d3828c822366e497\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_d3828c822366e497\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [561152 2023-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 aqnic650; C:\WINDOWS\System32\drivers\aqnic650.sys [207672 2020-05-04] (Aquantia Corp. -> Aquantia Corporation)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.23.6.5\Definitions\BASHDefs\20240221.001\BHDrvx64.sys [1706512 2023-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Archivo no firmado]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\16170A0.00A\ccSetx64.sys [198280 2023-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 DPMDriver; C:\WINDOWS\System32\drivers\DPMDriver.sys [139680 2023-08-07] (IndiLogic LLC -> Dell Inc.)
S3 e2fexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2f.inf_amd64_f00467d5bba0b3ef\e2f.sys [525480 2022-03-17] (Intel Corporation -> Intel Corporation)
R3 e2fnexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2fn.inf_amd64_fcb868ac03f43b71\e2fn.sys [1427528 2023-07-04] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2023-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_774a66f35d00ad3d\iaLPSS2_GPIO2_ADL.sys [140960 2022-06-22] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_1ebed6f33a1c1014\iaLPSS2_I2C_ADL.sys [210600 2022-06-22] (Intel Corporation -> Intel Corporation)
S0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1605296 2022-08-25] (Intel Corporation -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.23.6.5\Definitions\IPSDefs\20240221.064\IDSvia64.sys [1554400 2023-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88784 2022-08-10] (Intel Corporation -> Intel Corporation)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47928 2018-04-30] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\16170A0.00A\nsvst.sys [57120 2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
S3 rt25cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_447a9570dbb12464\rt25cx21x64.sys [620456 2022-03-25] (Realtek Semiconductor Corp. -> Realtek)
R3 RtkUsbAD_2353; C:\WINDOWS\System32\DriverStore\FileRepository\rtdusbad_msi.inf_amd64_df0242d5fa2ca1e1\RtUsbA64.sys [497560 2023-03-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\16170A0.00A\SRTSP64.SYS [956048 2023-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\16170A0.00A\SRTSPX64.SYS [52872 2023-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\16170A0.00A\SYMEFASI64.SYS [2180248 2023-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\16170A0.00A\SymELAM.sys [36016 2023-11-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100344 2023-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.23.6.5\SymPlatform\SymEvnt.sys [722400 2022-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\16170A0.00A\Ironx64.SYS [306824 2023-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\16170A0.00A\symnets.sys [492728 2023-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [254664 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [265536 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1064064 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55872 2023-09-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [574872 2023-09-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-12] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\16170A0.00A\wpCtrlDrv.sys [1016792 2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 HWiNFO_180; \??\C:\Users\ADMINI~1\AppData\Local\Temp\HWiNFO64A_180.SYS [X] <==== ATENCIÓN
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)Lo pongo en varios post que pone que no cabe todo en uno solo.
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2024-02-22 18:56 - 2024-02-22 18:57 - 000038866 _____ C:\Users\bilun\Desktop\FRST.txt
2024-02-22 18:56 - 2024-02-22 18:57 - 000000000 ____D C:\FRST
2024-02-22 18:55 - 2024-02-22 18:55 - 002386944 _____ (Farbar) C:\Users\bilun\Desktop\FRST64.exe
2024-02-22 16:10 - 2024-02-22 16:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2024-02-22 15:49 - 2024-02-22 15:49 - 000000430 _____ C:\ProgramData\ntuser.pol
2024-02-22 15:37 - 2024-02-22 15:37 - 000000000 ____D C:\Users\bilun\AppData\Roaming\Ookla
2024-02-22 15:37 - 2022-07-28 00:29 - 002264064 _____ C:\Users\bilun\Desktop\speedtest.exe
2024-02-22 15:37 - 2022-07-28 00:29 - 000013759 _____ C:\Users\bilun\Desktop\speedtest.md
2024-02-22 15:33 - 2024-02-22 15:33 - 000974003 _____ C:\Users\bilun\Downloads\ookla-speedtest-1.2.0-win64.zip
2024-02-22 15:30 - 2024-02-22 15:30 - 056212480 _____ C:\Users\bilun\Downloads\speedtestbyookla_x64.msi
2024-02-22 15:30 - 2024-02-22 15:30 - 000000000 ____D C:\Users\bilun\AppData\LocalLow\Ookla
2024-02-22 15:30 - 2024-02-22 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedtest By Ookla
2024-02-22 15:30 - 2024-02-22 15:30 - 000000000 ____D C:\Program Files\Speedtest
2024-02-22 14:45 - 2024-02-22 14:45 - 000000000 ____D C:\Users\bilun\AppData\LocalLow\Brother
2024-02-22 00:20 - 2024-02-22 00:20 - 000806166 _____ C:\WINDOWS\system32\perfh00A.dat
2024-02-22 00:20 - 2024-02-22 00:20 - 000162858 _____ C:\WINDOWS\system32\perfc00A.dat
2024-02-22 00:03 - 2024-02-22 00:03 - 000045991 _____ C:\Users\bilun\Desktop\ZHPCleaner (R).html
2024-02-22 00:03 - 2024-02-22 00:03 - 000027611 _____ C:\Users\bilun\Desktop\ZHPCleaner (R).txt
2024-02-21 23:44 - 2024-02-21 23:44 - 000046644 _____ C:\Users\bilun\Desktop\ZHPCleaner (S).html
2024-02-21 23:44 - 2024-02-21 23:44 - 000028350 _____ C:\Users\bilun\Desktop\ZHPCleaner (S).txt
2024-02-21 21:51 - 2024-02-21 21:51 - 000000000 ____D C:\Program Files\AqnicDriver
2024-02-21 21:47 - 2024-02-21 21:47 - 000003599 _____ C:\Users\bilun\Desktop\Actualizo 2 Te envío el ultimo info.txt
2024-02-21 21:24 - 2024-02-21 21:24 - 000000000 ___HD C:\OneDriveTemp
2024-02-21 20:18 - 2024-02-21 20:18 - 003364000 _____ (Nicolas Coolman) C:\Users\bilun\ZHPCleaner.exe
2024-02-21 17:36 - 2024-02-21 17:38 - 000000128 _____ C:\Users\bilun\AppData\LocalLow\21f6daa7cd9e8652ffb911739be2d3fd2ae60a02e1d909b0fd310730467cd329
2024-02-21 17:36 - 2024-02-21 17:37 - 000029068 _____ C:\Users\bilun\AppData\LocalLow\756473755177e9cdcd56d66e4481c54170346e4374f7745e7eaa137fcde5c531
2024-02-21 16:18 - 2024-02-21 16:18 - 000001148 _____ C:\Users\bilun\Downloads\server (6).met
2024-02-21 16:18 - 2024-02-21 16:18 - 000001148 _____ C:\Users\bilun\Downloads\server (5).met
2024-02-21 16:18 - 2024-02-21 16:18 - 000001148 _____ C:\Users\bilun\Downloads\server (4).met
2024-02-21 16:18 - 2024-02-21 16:18 - 000001148 _____ C:\Users\bilun\Downloads\server (3).met
2024-02-21 16:18 - 2024-02-21 16:18 - 000001148 _____ C:\Users\bilun\Downloads\server (2).met
2024-02-21 16:18 - 2024-02-21 16:18 - 000001148 _____ C:\Users\bilun\Downloads\server (1).met
2024-02-21 16:17 - 2024-02-21 16:17 - 000001148 _____ C:\Users\bilun\Downloads\server.met
2024-02-21 13:25 - 2024-02-21 13:25 - 000003850 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2024-02-21 13:25 - 2024-02-21 13:25 - 000003408 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2024-02-21 13:24 - 2024-02-21 13:24 - 000002672 _____ C:\Users\bilun\Desktop\eset.txt
2024-02-21 10:01 - 2024-02-21 13:31 - 000001385 _____ C:\Users\bilun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-02-21 10:01 - 2024-02-21 13:31 - 000001279 _____ C:\Users\bilun\Desktop\ESET Online Scanner.lnk
2024-02-21 10:01 - 2024-02-21 10:01 - 000000000 ____D C:\Users\bilun\AppData\Local\ESET
2024-02-21 10:00 - 2024-02-21 10:01 - 015274968 _____ (ESET) C:\Users\bilun\Downloads\esetonlinescanner.exe
2024-02-21 09:47 - 2024-02-21 09:47 - 000004937 _____ C:\Users\bilun\Desktop\ZHPCleaner.txt
2024-02-19 23:47 - 2024-02-22 00:03 - 000000000 ____D C:\Users\bilun\AppData\Roaming\ZHP
2024-02-19 23:47 - 2024-02-21 20:18 - 000000741 _____ C:\Users\bilun\Desktop\ZHPCleaner.lnk
2024-02-19 23:47 - 2024-02-19 23:47 - 000000000 ____D C:\Users\bilun\AppData\Local\ZHP
2024-02-19 23:42 - 2024-02-19 23:47 - 003364000 _____ (Nicolas Coolman) C:\Users\bilun\Desktop\ZHPCleaner.exe
2024-02-19 17:27 - 2024-02-19 17:27 - 000001856 _____ C:\Users\bilun\Desktop\AdwCleaner[C00].txt
2024-02-19 17:25 - 2024-02-19 17:26 - 000000000 ____D C:\AdwCleaner
2024-02-19 16:38 - 2024-02-19 16:38 - 000004591 _____ C:\Users\bilun\Desktop\malware.txt
2024-02-19 15:33 - 2024-02-19 17:25 - 008797968 _____ (Malwarebytes) C:\Users\bilun\Downloads\adwcleaner (1).exe
2024-02-19 15:31 - 2024-02-19 15:33 - 008797968 _____ (Malwarebytes) C:\Users\bilun\Downloads\adwcleaner.exe
2024-02-19 11:53 - 2024-02-19 11:53 - 000000000 ____D C:\Users\bilun\AppData\Local\mbam
2024-02-19 11:43 - 2024-02-22 13:28 - 000000000 ____D C:\Users\bilun\AppData\Local\Malwarebytes
2024-02-19 11:43 - 2024-02-19 11:43 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-02-19 11:43 - 2024-02-19 11:43 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-02-19 11:43 - 2024-02-19 11:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-02-19 11:43 - 2024-02-19 11:43 - 000000000 ____D C:\Program Files\Malwarebytes
2024-02-19 11:40 - 2024-02-19 11:40 - 002582384 _____ (Malwarebytes) C:\Users\bilun\Downloads\MBSetup.exe
2024-02-19 11:05 - 2024-02-22 13:28 - 000000000 ____D C:\Program Files\CCleaner
2024-02-19 11:05 - 2024-02-21 09:47 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-02-19 11:05 - 2024-02-19 16:42 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-02-19 11:05 - 2024-02-19 15:24 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-02-19 11:05 - 2024-02-19 11:05 - 000002896 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - bilun
2024-02-19 11:05 - 2024-02-19 11:05 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2024-02-19 11:05 - 2024-02-19 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2024-02-19 11:03 - 2024-02-19 11:03 - 078179840 _____ (Piriform Software Ltd) C:\Users\bilun\Downloads\ccsetup619.exe
2024-02-18 21:57 - 2024-02-18 22:05 - 1503920128 _____ C:\Users\bilun\Downloads\MO 10.13 HS B2.rar
2024-02-18 15:52 - 2024-02-18 16:05 - 3988783104 _____ C:\Users\bilun\Downloads\Highsierra.iso
2024-02-18 15:48 - 2024-02-18 17:01 - 000001494 _____ C:\Users\bilun\Downloads\Script.txt
2024-02-18 15:07 - 2024-02-18 22:26 - 000000000 ____D C:\Users\bilun\VirtualBox VMs
2024-02-18 13:31 - 2024-02-18 22:26 - 000000000 ____D C:\Users\bilun\.VirtualBox
2024-02-18 13:31 - 2024-02-18 20:45 - 000000000 ____D C:\ProgramData\VirtualBox
2024-02-18 13:31 - 2024-02-18 13:31 - 000001156 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2024-02-18 13:31 - 2024-02-18 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2024-02-18 13:31 - 2024-01-15 07:35 - 001064064 _____ (Oracle and/or its affiliates) C:\WINDOWS\system32\Drivers\VBoxSup.sys
2024-02-18 13:31 - 2024-01-15 07:35 - 000204328 _____ (Oracle and/or its affiliates) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2024-02-18 13:30 - 2024-02-18 13:30 - 000000000 ____D C:\Program Files\Oracle
2024-02-18 13:27 - 2024-02-18 13:27 - 111161880 _____ (Oracle and/or its affiliates) C:\Users\bilun\Downloads\VirtualBox-7.0.14-161095-Win.exe
2024-02-18 13:14 - 2024-02-18 13:15 - 000000000 ____D C:\Users\bilun\Downloads\github.com-widevinedump-Netflix-4K-Script_-_2021-12-23_11-01-26
2024-02-18 13:13 - 2024-02-18 13:13 - 000007744 _____ C:\Users\bilun\Downloads\github.com-widevinedump-Netflix-4K-Script_-_2021-12-23_11-01-26_archive.torrent
2024-02-18 12:32 - 2024-02-18 12:32 - 000906821 _____ C:\Users\bilun\Downloads\rtmpdump-2.3-windows.zip
2024-02-18 12:32 - 2024-02-18 12:32 - 000000000 ____D C:\WINDOWS\system32\librtmp
2024-02-18 12:32 - 2010-06-30 21:02 - 000398259 _____ C:\WINDOWS\system32\rtmpdump.exe
2024-02-18 12:32 - 2010-06-30 21:02 - 000394510 _____ C:\WINDOWS\system32\rtmpgw.exe
2024-02-18 12:32 - 2010-06-30 21:02 - 000387476 _____ C:\WINDOWS\system32\rtmpsuck.exe
2024-02-18 12:32 - 2010-06-30 21:02 - 000387220 _____ C:\WINDOWS\system32\rtmpsrv.exe
2024-02-18 12:32 - 2010-06-30 20:51 - 000008600 _____ C:\WINDOWS\system32\README
2024-02-18 12:32 - 2010-06-30 19:53 - 000011053 _____ C:\WINDOWS\system32\rtmpdump.1.html
2024-02-18 12:32 - 2010-06-30 19:53 - 000010562 _____ C:\WINDOWS\system32\rtmpgw.8.html
2024-02-18 12:32 - 2010-06-30 19:53 - 000009677 _____ C:\WINDOWS\system32\ChangeLog
2024-02-18 12:32 - 2010-06-30 19:53 - 000008062 _____ C:\WINDOWS\system32\rtmpdump.1
2024-02-18 12:32 - 2010-06-30 19:53 - 000007789 _____ C:\WINDOWS\system32\rtmpgw.8
2024-02-18 12:32 - 2010-01-04 21:59 - 000018326 _____ C:\WINDOWS\system32\COPYING
2024-02-18 12:19 - 2024-02-18 12:33 - 000000000 ____D C:\Program Files (x86)\FlashGet
2024-02-18 12:19 - 2024-02-18 12:19 - 000000000 ____D C:\Users\bilun\AppData\Roaming\FlashGet
2024-02-18 12:16 - 2024-02-18 12:16 - 000032514 _____ C:\Users\bilun\Downloads\webvideocap.zip
2024-02-18 11:56 - 2024-02-18 12:15 - 000000000 ____D C:\Users\bilun\AppData\Roaming\MovPilot Netflix Video Downloader
2024-02-18 11:56 - 2024-02-18 11:56 - 000000000 ____D C:\Users\bilun\Documents\MovPilot Netflix Video Downloader
2024-02-18 11:56 - 2024-02-18 11:56 - 000000000 ____D C:\Users\bilun\AppData\Local\netflix-downloader-updater
2024-02-18 11:46 - 2024-02-18 11:46 - 148270800 _____ C:\Users\bilun\Downloads\movpilot-netflix-dl.exe
2024-02-18 11:43 - 2024-02-18 11:43 - 000000000 _____ C:\ProgramData\GIJDAFBKFI.exe
2024-02-18 11:43 - 2024-02-17 17:28 - 002307671 _____ C:\ProgramData\AnyStream_Apreso_AudioVideo_v1_keygen_by_KeyGenGuru.zip
2024-02-18 11:43 - 2023-12-29 20:09 - 000170675 _____ C:\ProgramData\52a49900b85f9 (1).jpeg
2024-02-18 11:43 - 2023-03-12 16:07 - 001221120 _____ () C:\ProgramData\NFAuthenticationKey.exe
2024-02-18 11:42 - 2024-02-19 12:54 - 000000000 ____D C:\Users\bilun\AppData\Roaming\winmm
2024-02-18 11:29 - 2024-02-18 11:30 - 089993360 _____ (FreeGrabApp LLC ) C:\Users\bilun\Downloads\FlixGrab (1).exe
2024-02-18 11:28 - 2024-02-18 11:28 - 080378258 _____ C:\Users\bilun\Downloads\Fli1xGrab 5.3.12.120 Premium.rar
2024-02-18 11:24 - 2024-02-18 11:24 - 004735488 _____ C:\Users\bilun\Downloads\install (2).msi
2024-02-18 11:23 - 2024-02-18 11:23 - 004735488 _____ C:\Users\bilun\Downloads\install (1).msi
2024-02-18 11:23 - 2024-02-18 11:23 - 003356640 _____ (Opera Software) C:\Users\bilun\Downloads\OperaGXSetup (4).exe
2024-02-18 11:18 - 2024-02-18 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeGrabApp
2024-02-18 11:18 - 2024-02-18 11:46 - 000000000 ____D C:\ProgramData\FreeGrabApp
2024-02-18 11:08 - 2024-02-18 11:14 - 089993360 _____ (FreeGrabApp LLC ) C:\Users\bilun\Downloads\FlixGrab.exe
2024-02-18 11:01 - 2024-02-18 11:02 - 082860306 _____ C:\Users\bilun\Downloads\FlixGrab.Premium.5.3.12.120 -- XYZ.rar
2024-02-18 10:59 - 2024-02-18 11:00 - 004735488 _____ C:\Users\bilun\Downloads\install.msi
2024-02-17 17:28 - 2024-02-17 17:28 - 002307931 _____ C:\Users\bilun\Downloads\AnyStream_Apreso_AudioVideo_v1_keygen_by_KeyGenGuru.zip
2024-02-17 17:22 - 2024-02-17 17:22 - 122791576 _____ C:\Users\bilun\Downloads\SetupAnyStream_1.8.3.0_64bit.exe
2024-02-17 17:18 - 2024-02-17 17:18 - 076177080 _____ C:\Users\bilun\Downloads\AnyStream__Application_65d0dc5f48c5d.zip
2024-02-17 15:30 - 2024-02-17 15:30 - 000000000 ___RD C:\Users\bilun\AppData\Roaming\Brother
2024-02-17 14:09 - 2024-02-17 14:09 - 000409904 _____ (MiPony ) C:\Users\bilun\Downloads\Mipony-Installer.exe
2024-02-17 14:01 - 2024-02-17 14:01 - 000000000 ____D C:\Users\bilun\Downloads\katfile.com
2024-02-17 13:59 - 2024-02-17 13:59 - 000000000 ____D C:\Users\bilun\AppData\Local\Softdeluxe
2024-02-17 13:58 - 2024-02-17 13:58 - 043233736 _____ (Softdeluxe ) C:\Users\bilun\Downloads\fdm_x64_setup.exe
2024-02-17 13:43 - 2024-02-17 13:43 - 000000000 ____D C:\Users\bilun\AppData\Roaming\AndroidTbox
2024-02-17 13:39 - 2024-02-18 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2024-02-16 17:49 - 2024-02-16 17:49 - 000000763 _____ C:\Users\bilun\Desktop\WaitingMessage.html
2024-02-16 17:49 - 2024-02-16 17:49 - 000000259 _____ C:\Users\bilun\Desktop\settings.json
2024-02-16 17:33 - 2024-02-17 16:41 - 000000000 ____D C:\Users\bilun\AppData\Roaming\Kodi
2024-02-16 17:33 - 2024-02-16 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2024-02-16 17:33 - 2024-02-16 17:33 - 000000000 ____D C:\Program Files\Kodi
2024-02-16 17:32 - 2024-02-16 17:33 - 082016143 _____ (XBMC Foundation) C:\Users\bilun\Downloads\kodi-20.4-Nexus-x64.exe
2024-02-15 23:48 - 2024-02-15 23:49 - 000000000 ____D C:\Users\bilun\Desktop\NFAuthenticationKey
2024-02-15 23:18 - 2024-02-17 23:10 - 000000000 ____D C:\Users\bilun\Desktop\BrowserTempData
2024-02-15 22:37 - 2023-03-12 16:07 - 001221120 _____ () C:\Users\bilun\Desktop\NFAuthenticationKey.exe
2024-02-15 22:31 - 2024-02-15 22:31 - 000416695 _____ C:\Users\bilun\Downloads\NFAuthenticationKey_Windows_1.2.2.2.zip
2024-02-15 21:47 - 2024-02-15 21:47 - 028981455 _____ C:\Users\bilun\Downloads\Apkmodi_3.2.26_680_ef8092.apk
2024-02-15 21:45 - 2024-02-15 21:45 - 003356608 _____ (Opera Software) C:\Users\bilun\Downloads\OperaGXSetup (3).exe
2024-02-15 20:43 - 2024-02-15 20:45 - 804084860 _____ C:\Users\bilun\Downloads\nx-tab-beta2.75-20230705-rel.7z
2024-02-15 18:42 - 2024-02-15 18:42 - 003450370 _____ C:\Users\bilun\Downloads\Blocklayer_1708018977.pdf
2024-02-15 18:39 - 2024-02-15 18:39 - 003450370 _____ C:\Users\bilun\Downloads\Blocklayer_1708018753.pdf
2024-02-15 16:47 - 2024-02-15 16:47 - 000882885 _____ C:\Users\bilun\Downloads\nxmtp.nro
2024-02-15 16:47 - 2024-02-15 16:47 - 000000854 _____ C:\Users\bilun\Downloads\nxmtp-0.1.5.zip
2024-02-14 22:16 - 2024-02-14 22:16 - 003531995 _____ C:\Users\bilun\Downloads\Nro2Nsp.3.3.6.-.Beta.4.zip
2024-02-14 15:19 - 2024-02-14 15:19 - 000000000 ____D C:\Users\bilun\AppData\Roaming\mpv
2024-02-14 15:19 - 2024-02-14 15:19 - 000000000 ____D C:\Users\bilun\AppData\Local\mpv
2024-02-14 15:18 - 2024-02-14 15:18 - 030506429 _____ C:\Users\bilun\Downloads\mpv-x86_64-v3-20240211-git-f5c4f0b.7z
2024-02-14 00:37 - 2024-02-14 00:37 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-14 00:36 - 2024-02-14 00:36 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-14 00:34 - 2024-02-14 00:35 - 000000000 ___HD C:\$WinREAgent
2024-02-13 23:52 - 2021-01-26 16:32 - 000000000 ____D C:\Users\bilun\Desktop\pplay
2024-02-13 23:44 - 2024-02-13 23:44 - 003160843 _____ C:\Users\bilun\Desktop\pplay-3.4.zip
2024-02-13 23:43 - 2024-02-13 23:43 - 015133095 _____ C:\Users\bilun\Desktop\pplay-3.4_switch.zip
2024-02-13 22:00 - 2024-02-13 22:00 - 000000000 ____D C:\Users\bilun\Downloads\Overcooked 1+2 [NSZ]
2024-02-13 12:21 - 2024-02-13 12:21 - 000256818 _____ C:\Users\bilun\Downloads\condiciones-compromiso-de-permanencia-es-20220701.pdf
2024-02-13 10:37 - 2024-02-13 10:52 - 000000000 ____D C:\Users\bilun\Downloads\MGS Master Collection [NSP]
2024-02-12 22:08 - 2024-02-12 22:09 - 000000000 ____D C:\Users\bilun\Downloads\GTA The Trilogy [NSP]
2024-02-12 21:39 - 2024-02-12 21:39 - 000448652 _____ C:\Users\bilun\Desktop\il_1588xN.4589776761_c40o.webp
2024-02-12 19:41 - 2024-02-12 19:42 - 000000000 ____D C:\Users\bilun\Downloads\Unpacking [NSZ]
2024-02-12 15:59 - 2024-02-12 15:59 - 000000496 _____ C:\Users\bilun\Downloads\LEE ESTO, IMPORTANTE.txt
2024-02-12 13:12 - 2024-02-12 13:13 - 000000000 ____D C:\Users\bilun\Downloads\Nintendo 64 Nintendo Switch Online [NSP]
2024-02-11 20:30 - 2024-02-11 20:34 - 2938453785 _____ C:\Users\bilun\Downloads\ACTUALIZACIÓN.nsp
2024-02-11 20:29 - 2024-02-11 20:30 - 251650852 _____ C:\Users\bilun\Downloads\MODS_XAMORKLOCKE.rar
2024-02-11 19:56 - 2024-02-11 20:04 - 702767616 _____ C:\Users\bilun\Downloads\Pokemon Diamante Brillante.xci
2024-02-11 16:21 - 2024-02-11 16:22 - 000000000 ____D C:\Users\bilun\Desktop\Games
2024-02-11 15:22 - 2024-02-11 15:23 - 680859522 _____ C:\Users\bilun\Downloads\Software File(Version 05.05.90).zip
2024-02-10 17:29 - 2024-02-10 17:29 - 033554432 _____ C:\Users\bilun\Desktop\legends-red-v1.5.gba
2024-02-10 09:37 - 2024-02-10 09:45 - 1547777243 _____ C:\Users\bilun\Downloads\2.0.2F-1-2-0-2-1699148227.zip
2024-02-09 21:34 - 2024-02-09 21:34 - 018460642 _____ C:\Users\bilun\Downloads\PACK_CFW_NINTRICKS v17.0.1 (1).zip
2024-02-09 18:21 - 2024-02-09 18:22 - 398779659 _____ C:\Users\bilun\Downloads\SwitchMod 17.0.0 downgrader 16.1.0.rar
2024-02-09 17:14 - 2024-02-22 18:31 - 000027951 _____ C:\Users\bilun\AppData\LocalLow\c8eaaf1a6b75c186ddec75fa298f9c2faecccaa8e3ac8b5df76df0dec06175bb
2024-02-09 17:14 - 2024-02-22 18:31 - 000000128 _____ C:\Users\bilun\AppData\LocalLow\963ff56f90cc53373ce74883a9beab3444359720a5fddb8b87ddf90882740e21
2024-02-09 16:04 - 2024-02-09 16:04 - 000006035 _____ C:\Users\bilun\Downloads\SystemRestoreV3.te
2024-02-09 16:03 - 2024-02-09 16:03 - 000123241 _____ C:\Users\bilun\Downloads\TegraExplorer.bin
2024-02-09 16:02 - 2024-02-09 16:02 - 009976832 _____ C:\Users\bilun\Downloads\TegraRcmGUI_v2.6_Installer (1).msi
2024-02-09 16:01 - 2024-02-09 16:01 - 001221473 _____ C:\Users\bilun\Downloads\EmmcHaccGen.2.2.3.7z
2024-02-09 16:01 - 2024-02-09 16:01 - 000634601 _____ C:\Users\bilun\Downloads\hekate_ctcaer_5.8.0_Nyx_1.3.0.zip
2024-02-09 15:15 - 2024-02-09 15:15 - 009779657 _____ C:\Users\bilun\Downloads\5.2.Rekado.100.-release.apk
2024-02-09 14:51 - 2024-02-18 22:54 - 000000000 ____D C:\Users\bilun\AppData\Local\Discord
2024-02-09 14:51 - 2024-02-18 22:53 - 000000000 ____D C:\Users\bilun\AppData\Roaming\discord
2024-02-09 14:51 - 2024-02-09 14:51 - 000000000 ____D C:\Users\bilun\AppData\Local\SquirrelTemp
2024-02-08 23:26 - 2024-02-08 23:26 - 000056167 _____ C:\Users\bilun\Downloads\Hekate+AMS-package3-sigpatches-1.6.2-cfw-17.0.0.zip
2024-02-02 13:40 - 2024-02-02 13:40 - 000003670 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2024-02-02 13:40 - 2024-01-05 17:19 - 000047240 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2024-01-26 21:27 - 2024-01-26 21:27 - 024267405 _____ C:\Users\bilun\Downloads\PKHeX (24.01.12).zip
2024-01-26 16:35 - 2024-01-26 16:35 - 000637732 _____ C:\Users\bilun\Downloads\formulariFAM021SOLC240126163448 (1).pdf
2024-01-26 16:34 - 2024-01-26 16:34 - 000637729 _____ C:\Users\bilun\Downloads\formulariFAM021SOLC240126163448.pdf
2024-01-25 15:54 - 2023-02-10 00:52 - 100185424 _____ C:\Users\bilun\Desktop\Game Boy™ Advance – Nintendo Switch Online [010012F017576000][v0].nsp
2024-01-25 15:51 - 2024-01-25 15:51 - 100186046 _____ C:\Users\bilun\Downloads\Game Boy™ Advance – Nintendo Switch Online [010012F017576000][v0].rar
2024-01-25 14:44 - 2024-01-25 14:44 - 003356552 _____ (Opera Software) C:\Users\bilun\Downloads\OperaGXSetup (2).exe
2024-01-24 21:38 - 2024-01-24 21:38 - 018460642 _____ C:\Users\bilun\Downloads\PACK_CFW_NINTRICKS v17.0.1.zip
2024-01-24 21:17 - 2024-01-24 21:17 - 000077824 _____ ( ) C:\Users\bilun\Downloads\guiformat.exe
2024-01-24 16:55 - 2024-01-24 16:55 - 229332092 _____ C:\Users\bilun\Downloads\Update.Build.13218815.zip
2024-01-24 13:49 - 2024-01-24 14:14 - 477261625 _____ C:\Users\bilun\Downloads\Palworld.Early.Access.zip
2024-01-24 13:47 - 2024-02-19 16:40 - 000000000 ____D C:\Users\bilun\AppData\Roaming\uTorrent Web
2024-01-24 12:34 - 2024-01-24 12:34 - 000452487 _____ C:\Users\bilun\Downloads\208648528.pdf
2024-01-23 14:59 - 2024-02-15 16:49 - 000000000 ____D C:\Users\bilun\AppData\Roaming\TegraRcmGUI
2024-01-23 14:59 - 2024-02-09 16:02 - 000001989 _____ C:\Users\Public\Desktop\TegraRcmGUI.lnk
2024-01-23 14:59 - 2024-02-09 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TegraRcmGUI
2024-01-23 14:59 - 2024-02-09 16:02 - 000000000 ____D C:\Program Files (x86)\TegraRcmGUI
2024-01-23 14:58 - 2024-01-23 14:58 - 009976832 _____ C:\Users\bilun\Downloads\TegraRcmGUI_v2.6_Installer.msi
2024-01-23 14:44 - 2024-01-23 14:44 - 009319474 _____ C:\Users\bilun\Downloads\TegraRcmGUI_v2.6_portable.zip
2024-01-23 12:36 - 2024-02-15 13:00 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-01-23 12:36 - 2024-02-15 13:00 - 000002328 _____ C:\Users\Public\Desktop\Brave.lnk
2024-01-23 12:36 - 2024-01-23 12:36 - 000000000 ____D C:\ProgramData\BraveSoftware
2024-01-23 12:36 - 2024-01-23 12:36 - 000000000 ____D C:\Program Files\BraveSoftware
2024-01-23 12:35 - 2024-01-23 12:40 - 000003720 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{C8729FAE-886C-40C8-B50B-30E36C32822A}
2024-01-23 12:35 - 2024-01-23 12:40 - 000003596 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{16DB8815-6967-43E7-8438-3486593957B5}
2024-01-23 12:35 - 2024-01-23 12:36 - 000000000 ____D C:\Users\bilun\AppData\Local\BraveSoftware
2024-01-23 12:35 - 2024-01-23 12:35 - 001446480 _____ (BraveSoftware Inc.) C:\Users\bilun\Downloads\BraveBrowserSetup-VPM885.exe
2024-01-23 12:35 - 2024-01-23 12:35 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2024-02-22 18:49 - 2023-11-01 08:14 - 000000000 ____D C:\Users\bilun\AppData\Local\Norton
2024-02-22 18:41 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-22 18:34 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-22 18:12 - 2023-12-10 19:16 - 000025438 _____ C:\Users\bilun\AppData\LocalLow\42a51546fe6f8cff8752672bcf666628dc6db996acc8cfc96251275b1dc1b733
2024-02-22 18:08 - 2023-12-10 19:16 - 000847669 _____ C:\Users\bilun\AppData\LocalLow\82d003cc429f8430103aca15db56d2d868a65fa3704d0338615a8afd3cb6f5c0
2024-02-22 17:56 - 2022-11-25 08:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-22 15:49 - 2023-12-28 11:48 - 000011196 _____ C:\Users\bilun\AppData\LocalLow\700a2107ce086fa8f3b01f6a29680ec302a8a1c80e47c0596ef64bd8cbbdd6d3
2024-02-22 15:46 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-02-22 15:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-22 15:03 - 2023-11-24 16:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2024-02-22 14:07 - 2023-10-26 18:38 - 000000000 ___RD C:\Users\bilun\OneDrive
2024-02-22 14:00 - 2023-12-10 19:16 - 000000128 _____ C:\Users\bilun\AppData\LocalLow\87cf5975c8ee4ea8fba54a5c85338be84348542aebb9248fc2997b576b0f90aa
2024-02-22 14:00 - 2023-10-26 18:36 - 000000000 ____D C:\Users\bilun\AppData\Local\D3DSCache
2024-02-22 13:34 - 2021-10-01 10:12 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-22 13:28 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-22 00:20 - 2022-11-25 08:52 - 001807552 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-22 00:20 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-02-22 00:12 - 2023-12-10 21:16 - 000031209 _____ C:\Users\bilun\AppData\LocalLow\abec66d1aaaf3a3865a2e9603304c291e22e8ef80f46a4b0289b0e78738d6034
2024-02-22 00:12 - 2023-12-10 21:16 - 000000128 _____ C:\Users\bilun\AppData\LocalLow\f4cddfc501fe11bcfd874eb674fd1b0110f128bed6871a548cf83ab181b52fc7
2024-02-22 00:12 - 2023-11-05 09:10 - 000000000 ____D C:\Program Files\TeamViewer
2024-02-22 00:12 - 2023-10-26 20:35 - 000000000 ____D C:\MSI
2024-02-22 00:12 - 2022-11-25 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-22 00:12 - 2021-10-01 08:04 - 000000000 ____D C:\Intel
2024-02-22 00:12 - 2021-10-01 07:55 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-22 00:11 - 2022-05-07 06:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-02-21 23:39 - 2023-12-22 13:16 - 000619513 _____ C:\Users\bilun\AppData\LocalLow\c861ec18932f21cd58c21f4b575346b5d7cb76b1f812575a369fe9d830b6de44
2024-02-21 21:54 - 2023-12-22 13:16 - 000000460 _____ C:\Users\bilun\AppData\LocalLow\62a87b51737c19b482f535744fdfb833b4a2ea2f1057a62ff3887e3f770b9ee0
2024-02-21 21:16 - 2023-10-26 18:36 - 000000000 ____D C:\Users\bilun\AppData\Local\Packages
2024-02-21 21:16 - 2021-10-01 07:57 - 000000000 ____D C:\ProgramData\Packages
2024-02-21 20:18 - 2023-10-27 11:13 - 000000000 ____D C:\Users\bilun\AppData\Local\JDownloader 2.0
2024-02-21 20:18 - 2023-10-26 18:31 - 000000000 ____D C:\Users\bilun
2024-02-21 17:23 - 2023-10-28 13:14 - 000000000 ____D C:\Users\bilun\Downloads\Telegram Desktop
2024-02-21 16:24 - 2023-10-28 13:09 - 000000000 ____D C:\Users\bilun\AppData\Roaming\Telegram Desktop
2024-02-21 13:46 - 2023-12-10 19:11 - 000137233 _____ C:\Users\bilun\AppData\LocalLow\d5e314518cb799af79a4b8ac6da3af13048156917ab0052cc186ce25178c516c
2024-02-21 10:35 - 2024-01-22 15:26 - 036087939 _____ C:\Users\bilun\Downloads\FuLL_lSetup_D0wnl0aded.zip
2024-02-21 10:24 - 2022-06-21 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2024-02-21 10:24 - 2022-06-21 07:40 - 000000000 ____D C:\Program Files (x86)\AIMP3
2024-02-21 09:44 - 2023-10-30 02:32 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-02-21 09:43 - 2023-10-27 10:13 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2024-02-20 12:53 - 2023-12-10 19:11 - 000000128 _____ C:\Users\bilun\AppData\LocalLow\4dc2fef2ec692101bff0c2cbb2b26f2a148593fb24bf997e04c5738491292f9e
2024-02-19 16:40 - 2023-10-28 07:03 - 000000000 ____D C:\Users\bilun\AppData\Local\BitTorrentHelper
2024-02-19 11:43 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-02-19 11:01 - 2023-10-28 07:00 - 000000000 ____D C:\Users\bilun\AppData\Local\CrashDumps
2024-02-18 23:26 - 2023-10-27 10:04 - 000000000 ____D C:\Users\bilun\AppData\Roaming\vlc
2024-02-18 22:53 - 2023-10-30 21:21 - 000000000 ____D C:\ProgramData\RedFox
2024-02-18 22:53 - 2023-10-30 21:21 - 000000000 ____D C:\Program Files\RedFox
2024-02-18 20:45 - 2023-12-28 11:48 - 000000128 _____ C:\Users\bilun\AppData\LocalLow\09401114998b03a2a1396f324890b24aba7c964759f0f0c683714894802c7910
2024-02-18 16:01 - 2023-10-26 18:31 - 000000000 ____D C:\Users\bilun\AppData\Roaming\Microsoft\Windows
2024-02-18 15:31 - 2023-10-26 20:29 - 000000000 ____D C:\Program Files (x86)\eMule
2024-02-18 12:17 - 2023-12-09 19:35 - 000020132 _____ C:\Users\bilun\AppData\LocalLow\f5799074858c8a601994a7c48bfe21c55addd7ecbe1928a3e84ad761370174e1
2024-02-17 13:30 - 2021-10-01 07:55 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-17 13:30 - 2021-10-01 07:55 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-02-16 15:49 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-15 22:50 - 2022-06-21 07:40 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-15 22:50 - 2022-06-21 07:40 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-02-14 02:48 - 2022-11-25 08:49 - 000469784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-14 02:47 - 2023-10-27 16:08 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-02-14 02:47 - 2023-09-12 12:49 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-02-14 02:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-14 00:51 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-14 00:38 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-14 00:37 - 2022-11-25 08:50 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-14 00:33 - 2021-10-01 08:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-14 00:31 - 2021-10-01 08:00 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-13 21:28 - 2023-10-28 10:49 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-13 21:28 - 2023-10-28 10:49 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-13 21:28 - 2023-10-28 10:49 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-02-09 23:20 - 2023-10-26 18:38 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2916687263-724568431-2313189076-1003
2024-02-09 23:20 - 2023-10-26 18:38 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2916687263-724568431-2313189076-1003
2024-02-09 23:20 - 2023-10-26 18:38 - 000002420 _____ C:\Users\bilun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-07 15:48 - 2022-11-25 08:51 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-07 15:48 - 2022-11-25 08:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-02 17:00 - 2022-11-25 08:51 - 000003834 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2024-02-02 13:40 - 2022-11-25 08:51 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2024-02-02 13:40 - 2022-11-25 08:51 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
==================== Archivos en la raíz de algunos directorios ========
2024-02-18 11:43 - 2024-02-18 11:43 - 000000000 _____ () C:\ProgramData\GIJDAFBKFI.exe
2024-02-18 11:43 - 2023-03-12 16:07 - 001221120 _____ () C:\ProgramData\NFAuthenticationKey.exe
2024-02-21 20:18 - 2024-02-21 20:18 - 003364000 _____ (Nicolas Coolman) C:\Users\bilun\ZHPCleaner.exe
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================Y este el Addition.txt
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 19.02.2024 02
Ejecutado por bilun (22-02-2024 18:58:25)
Ejecutado desde C:\Users\bilun\Desktop
Microsoft Windows 11 Pro Versión 23H2 22631.3155 (X64) (2023-10-26 17:20:38)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Administrador (S-1-5-21-2916687263-724568431-2313189076-500 - Administrator - Disabled)
bilun (S-1-5-21-2916687263-724568431-2313189076-1003 - Administrator - Enabled) => C:\Users\bilun
DefaultAccount (S-1-5-21-2916687263-724568431-2313189076-503 - Limited - Disabled)
Invitado (S-1-5-21-2916687263-724568431-2313189076-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2916687263-724568431-2313189076-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 for Gamers (Disabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
FW: Norton 360 for Gamers (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 23.008.20533 - Adobe)
Adobe Redeem Launcher (HKLM-x32\...\{073F1D74-FE84-4EF8-A991-57889533FFA7}}_is1) (Version: 1.0.0.03 - MSI)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIDA64 Extreme v6.92 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.92 - FinalWire Ltd.)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 121.1.62.165 - Los creadores de Brave)
BrLauncher (HKLM-x32\...\{88FCD471-DBBF-4A75-8066-ACACE05DE3CF}) (Version: 2.0.14.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{9C9FD76C-DA62-48C3-9450-B5DBDA5E5484}) (Version: 10.7.0.24 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{e06ff58b-3db9-4634-9545-fdbec7c2585f}) (Version: 10.7.0.24 - Brother Industries, Ltd.)
Brother Port Driver (HKLM-x32\...\{C368A17B-6063-4F7A-AE96-76F9DC48C9DF}) (Version: 1.0.5.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{815D4CF3-0244-4142-98F8-51E5C7442DB7}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{01A1E3D8-E030-4A0B-B91E-4E1E8E1E02D3}) (Version: 1.0.23.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{D0F69DE9-EE0B-4A7A-8248-6D5EC97D171C}) (Version: 1.0.23.0 - Brother Industries Ltd.) Hidden
calibre 64bit (HKLM\...\{7F97780B-9EAD-4000-BD3A-F6D0FE096D56}) (Version: 6.29.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.21 - Piriform)
Comprobación de estado de PC Windows (HKLM\...\{D335124C-C378-488D-933F-1C5181C343F6}) (Version: 3.7.2204.15001 - Microsoft Corporation)
ControlCenter4 (HKLM-x32\...\{CAFE5834-5440-41B8-8C56-4DD946A1A5E1}) (Version: 4.6.21.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
CPUID CPU-Z MSI 2.03 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 2.03 - CPUID, Inc.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.0.4808a - CyberLink Corp.) Hidden
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.0.4808a - CyberLink Corp.)
Dashboard (HKLM-x32\...\Western Digital SSD Dashboard) (Version: 4.0.2.20 - Western Digital Corporation)
Dell Peripheral Manager (HKLM\...\Dell Peripheral Manager) (Version: 1.7.1 - Dell Inc.)
Documentation Manager (HKLM\...\{30EDBBE7-D455-4B19-B6EC-EF0F4934ABFE}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{B8F67CAD-D16A-4AC8-B4F1-3AE8A9FF22F5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
eMule (HKLM-x32\...\eMule) (Version: - )
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
Google Chrome (HKLM\...\{9A5AE077-1B0C-3372-A969-C38F6318D8F6}) (Version: 121.0.6167.185 - Google LLC)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{A92EB32D-F0D1-45D8-A071-262D1229D400}) (Version: 2.0.33.1 - Brother Industries Ltd.)
Intel(R) Chipset Device Software (HKLM\...\{22987D97-5A46-4BD9-B1A5-2FFE44201081}) (Version: 10.1.19199.8340 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{e6ecf35a-b1bb-4e59-9d90-4c98fde2ffa8}) (Version: 10.1.19199.8340 - Intel(R) Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{15E71D2B-4046-4B9D-A8BB-EBFC5CC12D86}) (Version: 2.4.10717 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1B2B12B8-AE77-4104-97FE-904274D21B6C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2230.3.19.0 - Intel Corporation)
Intel(R) Management Engine Driver (HKLM\...\{5F953BF8-C54E-4335-B7C9-873508D2CE1A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{2D7D4B84-FDD2-42BC-9B5B-ADAB4E31AC5E}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000180-0220-1034-84C8-B8D95FA3C8C3}) (Version: 22.180.0.2 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{5815d801-d03c-4911-a46b-75a331ad7265}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Java 8 Update 391 (64-bit) (HKLM\...\{71324AE4-039E-4CA4-87B4-2F64180391F0}) (Version: 8.0.3910.13 - Oracle Corporation)
Java(TM) SE Development Kit 21.0.1 (64-bit) (HKLM\...\{75B0E1AE-DC20-5AC0-A358-61B0256DADBE}) (Version: 21.0.1.0 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Kodi (HKU\S-1-5-21-2916687263-724568431-2313189076-1003\...\Kodi) (Version: 20.4.0.0 - XBMC Foundation)
LibreOffice 7.5.5.2 (HKLM\...\{61C7ACC0-A7E0-43FB-80A4-C15D0F546355}) (Version: 7.5.5.2 - The Document Foundation)
Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.128 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2916687263-724568431-2313189076-1003\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0919.01 - MSI)
NetworkRepairTool (HKLM-x32\...\{96CEE8C3-B934-48A4-ADA6-91B7CE8A5002}) (Version: 1.2.17.0 - Brother Industries, Ltd.) Hidden
Norton 360 (HKLM-x32\...\NGC) (Version: 22.23.10.10 - NortonLifeLock Inc)
Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)
NVIDIA Controlador de audio HD 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 537.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 537.13 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Oracle VM VirtualBox 7.0.14 (HKLM\...\{8DDF4B7A-DE1A-4619-B426-959B44E40A87}) (Version: 7.0.14 - Oracle and/or its affiliates)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
Paquete de controladores de Windows - libusbK Nintendo Switch APX Mode (04/27/2014 3.0.7.0) (HKLM\...\5C4BD94286C931BB5D47200B4AF1D1B99B3C08AB) (Version: 04/27/2014 3.0.7.0 - libusbK)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0031 - REALTEK Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2353 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)
ScannerUtilityInstaller (HKLM-x32\...\{D65C0754-7790-427F-AD73-D7C644260F57}) (Version: 1.19.9.1 - Brother) Hidden
SoftwareUpdateNotification (HKLM-x32\...\{3D1AD910-B82B-4635-B1C3-0CEF9F6F3D34}) (Version: 1.0.21.0 - Brother Industries, Ltd.) Hidden
Speedtest by Ookla (HKLM\...\{F857E83B-294B-4F5A-85A5-98D1C5252000}) (Version: 1.13.194.001 - Ookla)
StatusMonitor (HKLM-x32\...\{D9584EB4-1D28-4BD1-8F81-6E097C0827EE}) (Version: 1.33.1.0 - Brother Industries, Ltd.) Hidden
TeamViewer (HKLM\...\TeamViewer) (Version: 15.47.3 - TeamViewer)
TegraRcmGUI (HKLM-x32\...\{FD7196C9-BD86-4736-AF9D-7CFCB9E03E67}) (Version: 2.6.0 - eliboa) Hidden
TegraRcmGUI (HKLM-x32\...\TegraRcmGUI 2.6.0) (Version: 2.6.0 - eliboa)
Telegram Desktop (HKU\S-1-5-21-2916687263-724568431-2313189076-1003\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.14.16 - Telegram FZ-LLC)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
uTorrent Web (HKU\S-1-5-21-2916687263-724568431-2313189076-1003\...\utweb) (Version: 1.4.0 - BitTorrent Limited)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.19 - VideoLAN)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.128 - Microsoft Corporation)
WinRAR 6.22 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.22.0 - win.rar GmbH)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-02-13] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt [2024-02-12] (INTEL CORP) [Startup Task]
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1000.389.0_x64__8wekyb3d8bbwe [2024-02-02] (Microsoft Corporation)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-10-27] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21027.539.0_x64__8wekyb3d8bbwe [2024-01-25] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-10-26] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-14] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-10-26] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-09] (Microsoft Corporation)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.29.0_x64__kzh8wxbdkxb8p [2024-01-26] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Norton Security -> C:\Program Files\Norton Security\Engine\22.23.10.10 [2024-02-22] (NortonLifeLock Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.47.309.0_x64__dt26b99r8h8gj [2023-10-27] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-07] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm [2024-02-08] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-14] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-10-27] (win.rar GmbH)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-2916687263-724568431-2313189076-1003_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2022-06-21] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.10.10\NavShExt.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.10.10\NavShExt.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2022-06-21] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_d3828c822366e497\nvshext.dll [2023-08-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.10.10\buShell.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.10.10\NavShExt.dll [2023-11-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\bilun\Desktop\Personal - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
==================== Módulos cargados (Lista blanca) =============
2016-11-25 09:18 - 2016-11-25 09:18 - 000139264 _____ () [Archivo no firmado] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2021-10-25 11:39 - 2021-10-25 11:39 - 000122880 _____ () [Archivo no firmado] C:\Program Files (x86)\Browny02\brlmw03a.dll
2022-01-26 18:00 - 2022-01-26 18:00 - 000542720 _____ () [Archivo no firmado] C:\Program Files (x86)\Browny02\BrMonitor.dll
2022-01-26 18:00 - 2022-01-26 18:00 - 001859584 _____ () [Archivo no firmado] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2017-11-07 18:55 - 2019-07-26 07:53 - 000137728 _____ () [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-08-18 10:23 - 2017-08-18 10:23 - 000087552 _____ () [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-08-18 10:23 - 2017-08-18 10:23 - 017974784 _____ () [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2017-11-07 19:04 - 2018-04-27 08:16 - 000094720 _____ () [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcLSpa.dll
2017-11-07 18:55 - 2019-07-26 07:54 - 000440832 _____ () [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\Track.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 004883456 _____ (BCGSoft Ltd) [Archivo no firmado] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 000036864 _____ (Black Ice Software, Inc.) [Archivo no firmado] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2016-04-12 09:07 - 2016-04-12 09:07 - 000067584 _____ (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Brother\AppLogLib\BrBFLogI.dll
2023-10-28 08:39 - 2013-08-06 11:15 - 000181248 _____ (Nuance Communications, Inc.) [Archivo no firmado] C:\WINDOWS\system32\spool\DRIVERS\x64\3\nuanoemuires.dll
2023-10-28 08:39 - 2013-08-06 11:15 - 000027648 _____ (Nuance Communications, Inc.) [Archivo no firmado] C:\WINDOWS\system32\spool\DRIVERS\x64\3\NuanUI.DLL
2024-01-05 17:19 - 2024-01-05 17:19 - 002973696 _____ (SQLite Development Team) [Archivo no firmado] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
==================== Alternate Data Streams (Lista blanca) ========
(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)
AlternateDataStreams: C:\Users\bilun\Downloads\speedtestbyookla_x64.msi:MBAM.Zone.Identifier [149]
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts
2023-11-08 19:59 - 2023-11-08 19:59 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Calibre2\
HKU\S-1-5-21-2916687263-724568431-2313189076-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.
Network Binding:
=============
Ethernet 12: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 13: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 14: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi 3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{2C4C25C4-87FD-4727-8D92-8C4C822554AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E7388B64-CD4C-4FF0-8023-44CE22D6B73F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{881DA933-9001-4036-B70C-B66C18F714AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6B7321A2-2ECC-47D9-B94C-304076F20A43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7CEBA45D-6C87-457F-98F0-E9BD9AB686F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1734E1F2-0686-446A-9258-8891DE0A2ABA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A40C1044-BE32-41D6-9E78-8976794E7BAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B78B31EB-31C8-4A76-BAE1-538DB3ECADAE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B2DFCD4F-588F-459F-88A7-53B8BC80D368}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0CF405D1-9CD0-4091-A7EC-59C5A67E5C69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{468AA3C1-FD55-445D-A908-8022C6B2A2D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A1F569D1-6D70-4B6F-8EB8-7B536A5BFECC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D274C916-70D7-451F-BBD6-ED8E5F491CA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BA72BFF0-AC3D-4054-937D-BA4850282B67}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{74CEE74F-6D15-4F9F-9B9A-938008A8D740}] => (Allow) LPort=54950
FirewallRules: [{61077F13-FCE7-4B78-A2DB-7E72C49AC245}] => (Allow) LPort=54955
FirewallRules: [{121E5C4B-BB77-4A8F-B830-47423D053CBE}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{41E3BF44-4D4A-4A54-B20B-EC1B1AF33BEF}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{16C55FDD-1FC8-4BA1-9C92-503420EF180A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5ABD92BA-30A9-45DD-B8F8-44371EF820FA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5A192555-725B-4195-B76F-50E31EE2F5DA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AF3CB7F3-A42D-4EA3-80CF-78DEFEEA30EF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{42F80675-DEC2-4C85-B876-7D0BEB6C4CFC}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [UDP Query User{5FAD40A8-AB5C-4B38-9715-9C45B010B514}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [{E1C9F3A0-49C8-48F0-A7E1-A3F0C9A2432D}] => (Allow) C:\Users\bilun\AppData\Roaming\uTorrent Web\utweb.exe => Ningún archivo
FirewallRules: [{760B1B9E-6AA4-47AF-AF22-3E14E987F498}] => (Allow) C:\Users\bilun\AppData\Roaming\uTorrent Web\utweb.exe => Ningún archivo
FirewallRules: [{92C3020F-739A-4AF7-B813-DAB11C0544CC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2AC00BD7-6FA1-4AD9-8F90-4EC0E87342D7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D30F556E-AA53-459F-B8BC-4430D4449927}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{C35ED3A4-C06A-415D-B6D0-0003FA8BF195}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{22FC6951-9A11-4196-8F6B-9F7F1D6414C0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01005404-3DA5-4879-85B6-CE7CAA02C9E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3A5CC398-5335-4DAC-B8CE-A9D5741B6CBB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{928D7F66-DAA6-47BB-9D43-519939CE9E0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3A70AD0B-E591-4390-8543-1252A1FE6A3A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{31FC5F77-FC3D-4F8F-AE22-4F2DA12769A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8CFC30D0-A3BB-4D93-A7D9-3041949BB92C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A461222A-2533-4F93-B299-42066ED1CEA3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{31963134-DBED-47D6-A911-177EF184A063}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D0FC1BFB-8F0D-4F09-AAD0-F04A29882D30}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C96A5FC9-8F6C-49D2-B92F-52F46AD74089}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{598C841F-7D63-4197-B656-6CF037F86E1F}] => (Allow) LPort=32683
FirewallRules: [{9CC7ADC3-7575-424E-8570-E7CA6F9AFEBF}] => (Allow) LPort=26822
FirewallRules: [{C0790101-D8FE-418E-B9C3-FEA0F2F14CB6}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1005.2701.7380_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC90256A-17DB-4BBD-82CC-2A877832C6AF}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1005.2701.7380_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Puntos de Restauración =========================
22-02-2024 00:02:37 ZHPcleaner
22-02-2024 15:30:15 Installed Speedtest by Ookla
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (02/22/2024 01:34:40 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: El programa ShellExperienceHost.exe versión 10.0.22621.3085 dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre este problema, comprueba el historial de problemas en el panel de control de Seguridad y mantenimiento.
Error: (02/22/2024 12:12:14 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (02/22/2024 12:12:14 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (02/22/2024 12:12:14 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/22/2024 12:12:14 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/22/2024 12:12:14 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[3]: 192.168.56.1
Error: (02/22/2024 12:12:14 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[2]: 192.168.1.233
Error: (02/22/2024 12:12:14 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: fe80::4277:e5f6:51f4:c361%35
Errores del sistema:
=============
Error: (02/22/2024 12:42:16 AM) (Source: DCOM) (EventID: 10010) (User: PCNUEVODANI)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/22/2024 12:42:16 AM) (Source: DCOM) (EventID: 10010) (User: PCNUEVODANI)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/22/2024 12:42:16 AM) (Source: DCOM) (EventID: 10010) (User: PCNUEVODANI)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/22/2024 12:42:16 AM) (Source: DCOM) (EventID: 10010) (User: PCNUEVODANI)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/22/2024 12:42:16 AM) (Source: DCOM) (EventID: 10010) (User: PCNUEVODANI)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/22/2024 12:42:16 AM) (Source: DCOM) (EventID: 10010) (User: PCNUEVODANI)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/22/2024 12:42:16 AM) (Source: DCOM) (EventID: 10010) (User: PCNUEVODANI)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (02/22/2024 12:42:16 AM) (Source: DCOM) (EventID: 10010) (User: PCNUEVODANI)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
CodeIntegrity:
===============
Date: 2024-02-22 18:55:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Norton Security\Engine\22.23.10.10\symamsi.dll that did not meet the Windows signing level requirements.
Date: 2024-02-22 18:54:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Norton Security\Engine\22.23.10.10\symamsi.dll that did not meet the Windows signing level requirements.
Date: 2024-02-22 18:54:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\Norton Security\Engine\22.23.10.10\symamsi.dll that did not meet the Microsoft signing level requirements.
==================== Información de la memoria ===========================
BIOS: American Megatrends International, LLC. H.85 09/05/2023
Placa base: Micro-Star International Co., Ltd. MAG Z790 TOMAHAWK WIFI (MS-7D91)
Procesador: 13th Gen Intel(R) Core(TM) i9-13900K
Porcentaje de memoria en uso: 21%
RAM física total: 65309.84 MB
RAM física disponible: 51282.07 MB
Virtual total: 75037.84 MB
Virtual disponible: 57800.55 MB
==================== Unidades ================================
Drive c: (Windows) (Fixed) (Total:930.41 GB) (Free:569.33 GB) (Model: KINGSTON SNV2S1000G) NTFS
Drive d: (My Book Duo) (Fixed) (Total:33527.94 GB) (Free:10608.53 GB) (Model: WD My Book Duo 25F6 USB Device) NTFS
Drive e: (Nuevo vol) (Fixed) (Total:931.5 GB) (Free:928.1 GB) (Model: WD_BLACK SN770 1TB) NTFS
\\?\Volume{e41fd110-7d43-4685-be5d-30ae8b9ab980}\ (Recovery) (Fixed) (Total:0.83 GB) (Free:0.07 GB) NTFS
\\?\Volume{d47eb0cc-8d2b-4071-9a23-0193179993e7}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 18B4636C)
Partition: GPT.
==========================================================
Disk: 2 (Size: 33527.9 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==================== Final de Addition.txt =======================