Virus administrador de sistema

MMI1 · 6 Junio, 2021 17:40

No comprendo a que te refieres con los comentarios de Mail.Ru, no había visto esa pagina nunca. ¿ Es un virus ruso ?, he leído de virus rusos que te roban información bancaria utilizando keyloger ¿con el FRST estaría solucionado ?

Seguí todo tus pasos por lo que todo fue perfecto y con respecto a como sigue el problema no sabría decirte, sinceramente el virus a echo que desconfié y que siempre piense que todavía hay algo que no se puede detectar

Tengo una duda, Se que suena a pregunta un tanto estúpida pero ¿ una vez eliminado el virus hay alguna forma de saber al 100% que esta totalmente eliminado? ¿con algún software muy bestia que analice absolutamente todo y que me asegure que no quede rastro?

ErdrickBass · 6 Junio, 2021 18:38

Hola nuevamente

Más que nada es software que detecte y antes de hacer cualquier cosa opte por preguntar. No es malware, solo un cliente de correo ruso que pudo llegar a tu equipo incluido en algún otro programa. Fuera de ocupar espacio no haría mucho.

Como tal lo que tienes son restricciones. Posiblemente de infecciones eliminadas el antivirus o alguna herramienta.

Bueno 100% como tal no lo encontraras en esta vida. Fuera de eso la herramienta predilecta de expertos en seguridad para desinfecciones y reparaciones es FRST.

Dejando a eso un lado vamos a hacer algunos pasos más para terminar de eliminar las restricciones. Realiza lo siguiente (si necesitas imprime, saca captura o revisa las siguientes instrucciones desde tu móvil):

Descarga y descomprime Windows Repair Portable en cualquier lugar de fácil acceso.

Tweaking.com - Windows Repair Portable

Inicia en modo seguro: Iniciar el PC en modo seguro en Windows 10

Abre la carpeta de Windows Repair. Espera a que inicie y ve a la pestaña Repairs-Main y selecciona la opción Open Repairs.

Se abrirá la ventana de reparaciones. En esta dirígete al listado de la parte izquierda y marca las siguientes casillas:

01 - Reset Registry Permissions
02 - Reset File Permissions
03 - Reset Service Permissions
10 - Remove Plicies set by Infections
14 - Remove Temp Files
26 - Set Windows Services to default Startup
31 - Restore UAC (User Account Control) Settings
32 - Repair Performance Counters

Ya con esto seleccionado das en Start Repairs. Espera pacientemente a que termine. Una vez que lo haga reinicia en modo normal.

Una vez terminado el proceso vuelve a escanear con FRST y nos traerías los nuevos reportes.

Saludos

MMI1 · 6 Junio, 2021 19:42

tengo un problema al iniciar el modo seguro, no puedo darle al f4 y reiniciar porque mi teclado no funciona al entrar a ese menú

ErdrickBass · 6 Junio, 2021 23:55

Hola nuevamente,

Eso es un poco extraño

¿Puedes iniciar en modo normal?
¿El ratón si funciona?
¿ES tu PC portátil o de escritorio?

Nos comentas.

Saludos

MMI1 · 7 Junio, 2021 01:17

si en modo normal si puedo iniciar. el raton si funciona pero para iniciar el modo seguro tengo que darle a la tecla f4, el pc de sobremesa, antes si me funcionaba pero ahora no, puede ser que se trate de alguna configuracion de la bios ?

ErdrickBass · 7 Junio, 2021 02:10

Hola nuevamente,

Sería complicado saberlo. Pero para evitar meternos con esto, revisa el siguiente tema (aplica también para Windows 10):

Trata de seguir las opciones que te sean posibles.

Nos comentas.

Saludos

MMI1 · 7 Junio, 2021 14:17

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-06-2021
Ejecutado por nacho (07-06-2021 16:11:03)
Ejecutado desde D:\apps\SECURITY
Windows 10 Pro Versión 21H1 19043.985 (X64) (2021-03-13 14:26:17)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-3727005302-3991227866-2028133701-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3727005302-3991227866-2028133701-503 - Limited - Disabled)
Invitado (S-1-5-21-3727005302-3991227866-2028133701-501 - Limited - Enabled)
nacho (S-1-5-21-3727005302-3991227866-2028133701-1001 - Administrator - Enabled) => C:\Users\nacho
perin (S-1-5-21-3727005302-3991227866-2028133701-1002 - Limited - Enabled) => C:\Users\perin
WDAGUtilityAccount (S-1-5-21-3727005302-3991227866-2028133701-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Bitdefender Antivirus (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
FW: Bitdefender Cortafuego (Enabled) {82E9F5D1-B06F-8438-3781-C5B6FA91F981}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dreamweaver 2021 (HKLM-x32\...\DRWV_21_0) (Version: 21.0 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_0) (Version: 22.0.0.35 - Adobe Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.13.27.501 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.1.1797 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.5.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{40c19864-e557-4855-95ee-075689dfcf8e}) (Version: 2.13.27.501 - Advanced Micro Devices, Inc.) Hidden
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.17.1000 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 25.0.19.75 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.4.2.36 - Bitdefender)
Branding64 (HKLM\...\{871DA3E4-7743-4CDB-B95E-995DA5DA9B23}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.) Hidden
Brave (HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\BraveSoftware Brave-Browser) (Version: 91.1.25.70 - Los creadores de Brave)
Core Epic (HKLM\...\{B51E6DE5-9A25-47E6-9806-24B4C62D42A6}) (Version: 1.3.1.0 - Manticore Games)
Core Epic Installer (HKLM-x32\...\{22bb3982-45d5-4389-9a00-eb921dcfcb1f}) (Version: 1.3.0.0 - Manticore Games) Hidden
CORSAIR iCUE Software (HKLM-x32\...\{3D350B22-542B-4FB4-B3AC-EA760941C319}) (Version: 3.38.61 - Corsair)
DARK SOULS REMASTERED (HKLM-x32\...\DARK SOULS REMASTERED_is1) (Version:  - )
Diag version 2.0.1.0 (HKLM\...\10DBD048-433A-4BC3-951F-055296F077B3_is1) (Version: 2.0.1.0 - Adlice Software)
Discord (HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Elgato Stream Deck (HKLM\...\{C049D287-51E2-4C61-A21B-C59BBB090CEA}) (Version: 4.9.3.13222 - Elgato Systems GmbH)
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{8bcd6161-a822-4c5a-9711-472cb32c7adf}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32\...\{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
Enlisted Launcher 1.0.3.46 (HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\{5fcad5a5-d0d8-4edf-a5ba-040b397eac31}}_is1) (Version:  - Gaijin Network)
Epic Games Launcher (HKLM-x32\...\{385D03C4-767B-4B5F-A627-61319D136EF4}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FiveM (HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\CitizenFX_FiveM) (Version:  - Cfx.re)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.8.4.0 - miHoYo Co.,Ltd)
Glary Utilities 4.8 (HKLM-x32\...\Glary Utilities 4) (Version: 4.8.0.97 - Glarysoft Ltd)
HWiNFO64 Version 6.40 (HKLM\...\HWiNFO64_is1) (Version: 6.40 - Martin Malik - REALiX)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.3.9205 - Logitech)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Microsoft .NET SDK 5.0.203 (x64) (HKLM-x32\...\{fb708b29-011a-49f6-8cdd-6b673f1b5501}) (Version: 5.2.321.22315 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29914 (HKLM-x32\...\{43d1ce82-6f55-4860-a938-20e5deb28b98}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.56.2 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 - Mojang)
MSI Afterburner 4.6.3 (HKLM-x32\...\Afterburner) (Version: 4.6.3 - MSI Co., LTD)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
OpenIV (HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\OpenIV) (Version: 4.0.1.1452 - .black/OpenIV Team)
Oracle VM VirtualBox 6.0.24 (HKLM\...\{9EC88BBB-BAFD-4666-BFB1-5F737A76C055}) (Version: 6.0.24 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.100.48178 - Electronic Arts, Inc.)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RivaTuner Statistics Server 7.3.0 (HKLM-x32\...\RTSS) (Version: 7.3.0 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.41.364 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
RogueKiller versión 14.8.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.6.0 - Adlice Software)
RSI Launcher 1.4.10 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.4.10 - Cloud Imperium Games)
RyzenMasterSDK (HKLM\...\{FE13F9D7-038D-4E21-B221-CE16700F12A9}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Snap Camera 1.13.0 (HKLM-x32\...\{024A6CF5-627D-497F-980B-B9A6EC5C40AF}_is1) (Version: 1.13.0 - Snap Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 21.3.8.729 - StreamElements)
Streamlabs OBS 0.27.0 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.27.0 - General Workings, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1220 - SUPERAntiSpyware.com)
Telegram Desktop version 2.7.4 (HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.4 - Telegram FZ-LLC)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 4.0.0 - Tweaking.com)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 120.0.10418 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{2F5FF7B1-09D6-431D-A677-C3CF007099EC}) (Version: 1.2.0.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VEGAS Pro 17.0 (HKLM\...\{E69D2D1E-B27C-11E9-BDDE-A5146957F833}) (Version: 17.0.284 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.4.12 - Black Tree Gaming Ltd.)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.4.5) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Packages:
=========
Cinebench -> C:\Program Files\WindowsApps\MAXONComputerGmbH.Cinebench_23.2.0.0_x64__rsne5bsk8s7tj [2021-04-14] (MAXON Computer GmbH)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-04-14] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-05] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-04-14] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0 [2021-05-28] (Spotify AB) [Startup Task]
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_9.0.0.0_x86__v826wp6bftszj [2021-04-14] (Charles Milette) [Startup Task]
Web Developer Checklist -> C:\Program Files\WindowsApps\33451madskristensen.WebDeveloperChecklist_1.8.6.0_neutral__05a71d3b7h4wc [2021-04-14] (madskristensen)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001_Classes\CLSID\{06B74C04-E813-4DD4-A972-172836EFA8D6}\InprocServer32 -> C:\Users\nacho\AppData\Local\BraveSoftware\Update\1.3.101.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
CustomCLSID: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001_Classes\CLSID\{06C9646D-2807-44C0-97D2-6DA0DB623DB4}\localserver32 -> C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\Application\91.1.25.70\notification_helper.exe (Brave Software, Inc. -> Brave Software, Inc.)
CustomCLSID: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001_Classes\CLSID\{EB6C6C09-015C-4B85-8884-4F4DB70E90FB}\InprocServer32 -> C:\Users\nacho\AppData\Local\BraveSoftware\Update\1.3.101.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-03-22] (Notepad++ -> )
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 4\x64\ContextHandler.dll [2014-03-17] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 4\x64\ContextHandler.dll [2014-03-17] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-05-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 4\x64\ContextHandler.dll [2014-03-17] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

MMI1 · 7 Junio, 2021 14:17

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Archivo no firmado]

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============


==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.InfoSpyware.com
SearchScopes: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-05-20] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-05-20] (Bitdefender SRL -> Bitdefender)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-04-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-04-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-05-20] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-05-20] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-05-20] (Bitdefender SRL -> Bitdefender)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Hay 7940 más sitios.

IE trusted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\sharepoint.com -> hxxps://alumnoifp.sharepoint.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\123simsen.com -> www.123simsen.com

Hay 7945 más sitios.

IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\...\123simsen.com -> www.123simsen.com

Hay 7942 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2020-10-26 23:02 - 2021-06-07 15:58 - 000000690 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1    localhost

2020-10-30 01:56 - 2020-11-01 19:50 - 000000447 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.17.157.209 DESKTOP-H3L2487.mshome.net # 2025 10 5 31 17 50 7 216

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3727005302-3991227866-2028133701-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
mpsdrv => El servicio de Firewall de Windows no se está ejecutando.
MpsSvc => El servicio de Firewall de Windows no se está ejecutando.
bfe => El servicio de Firewall de Windows no se está ejecutando.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "VBoxTray"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Stream Deck"
HKLM\...\StartupApproved\Run: => "BdVpnApp"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software"
HKLM\...\StartupApproved\Run32: => "PSUAMain"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter"
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\StartupApproved\StartupFolder: => "Psi.lnk"
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\StartupApproved\Run: => "BraveSoftware Update"
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\StartupApproved\Run: => "LGHUB"
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\StartupApproved\Run: => "WallpaperEngine"
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\StartupApproved\Run: => "Launcher"
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{E2E0BD39-562F-40CC-B3FC-5C8491A7E784}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{62AF6E05-D208-4DDD-A267-CBB5E0DBDE8D}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A5D8A002-0DE3-4B9F-8609-85638EBB7986}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EE73BA4F-5711-4E22-97D7-413A80D07103}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{D4040BCE-5297-4BAF-AF88-1976E682C572}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{A1BB9072-1EC6-4224-8ADC-4877CF911D33}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{B0AF4876-0DCF-4C9F-B572-E62C07E4C6A6}C:\users\nacho\appdata\local\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\users\nacho\appdata\local\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [UDP Query User{9D9FEF38-5BBB-488B-9718-9E5F4D70EFF4}C:\users\nacho\appdata\local\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\users\nacho\appdata\local\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [TCP Query User{0304C133-9442-464B-B89A-6E23AB4A40B0}C:\users\nacho\downloads\futa_fix_dick_dine_and_dash\futa.fix.dick.dine.and.dash\futa fix dick dine and dash\game.exe] => (Allow) C:\users\nacho\downloads\futa_fix_dick_dine_and_dash\futa.fix.dick.dine.and.dash\futa fix dick dine and dash\game.exe => Ningún archivo
FirewallRules: [UDP Query User{46A91F35-F3D1-4734-94D7-40C7A967BEE9}C:\users\nacho\downloads\futa_fix_dick_dine_and_dash\futa.fix.dick.dine.and.dash\futa fix dick dine and dash\game.exe] => (Allow) C:\users\nacho\downloads\futa_fix_dick_dine_and_dash\futa.fix.dick.dine.and.dash\futa fix dick dine and dash\game.exe => Ningún archivo
FirewallRules: [{09CBD126-85DA-4274-9F58-95DA9488048D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{FAA69FBF-8C69-4531-A6B3-E752F36141A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{9551AD2B-DEB8-4CA3-93BD-54CB6677EFE1}C:\users\nacho\downloads\valheim__v0_143_5_\valheim.v0.143.5\valheim.v0.143.5\valheim.exe] => (Allow) C:\users\nacho\downloads\valheim__v0_143_5_\valheim.v0.143.5\valheim.v0.143.5\valheim.exe => Ningún archivo
FirewallRules: [UDP Query User{FA30151C-7FE8-414D-A22A-7EEDA88C7E4C}C:\users\nacho\downloads\valheim__v0_143_5_\valheim.v0.143.5\valheim.v0.143.5\valheim.exe] => (Allow) C:\users\nacho\downloads\valheim__v0_143_5_\valheim.v0.143.5\valheim.v0.143.5\valheim.exe => Ningún archivo
FirewallRules: [TCP Query User{64218D8D-E4AD-4589-8A2C-8D49356A4268}C:\users\nacho\downloads\becastled\becastled.early.access\becastled\becastled.exe] => (Allow) C:\users\nacho\downloads\becastled\becastled.early.access\becastled\becastled.exe => Ningún archivo
FirewallRules: [UDP Query User{B408F3CF-14AD-48A3-97D0-0BC22463BC33}C:\users\nacho\downloads\becastled\becastled.early.access\becastled\becastled.exe] => (Allow) C:\users\nacho\downloads\becastled\becastled.early.access\becastled\becastled.exe => Ningún archivo
FirewallRules: [TCP Query User{BFE59AB7-2381-4568-A132-826C0604A15C}D:\games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Allow) D:\games\core\core\platform\binaries\win64\platform-win64-shipping.exe (Manticore Games, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{AFBEB53D-5797-4255-A098-A877311A03DA}D:\games\core\core\platform\binaries\win64\platform-win64-shipping.exe] => (Allow) D:\games\core\core\platform\binaries\win64\platform-win64-shipping.exe (Manticore Games, Inc.) [Archivo no firmado]
FirewallRules: [{CEF91723-D4FF-4A16-9AD3-54E0C93F2F58}] => (Allow) D:\SteamLibrary\steamapps\common\Escape Room - The Sick Colleague\Escape Room.exe () [Archivo no firmado]
FirewallRules: [{B4FC0E32-4E0B-4A30-A0BD-F92EE3F47B80}] => (Allow) D:\SteamLibrary\steamapps\common\Escape Room - The Sick Colleague\Escape Room.exe () [Archivo no firmado]
FirewallRules: [{5D90E819-4127-4E25-A597-582BDF621430}] => (Allow) D:\SteamLibrary\steamapps\common\Marvels Avengers\avengers.exe (Square Enix LTD -> Crystal Dynamics, Inc.)
FirewallRules: [{F4991852-7A80-4C90-9915-D08E800C69B6}] => (Allow) D:\SteamLibrary\steamapps\common\Marvels Avengers\avengers.exe (Square Enix LTD -> Crystal Dynamics, Inc.)
FirewallRules: [{09C07CAB-51D0-4AD6-9FD4-4630CC4E545B}] => (Allow) D:\SteamLibrary\steamapps\common\PC Building Simulator\PCBS.exe () [Archivo no firmado]
FirewallRules: [{6A956256-48E8-4032-A3AD-91A8DCE3E01B}] => (Allow) D:\SteamLibrary\steamapps\common\PC Building Simulator\PCBS.exe () [Archivo no firmado]
FirewallRules: [{F25CD490-F9D0-4653-941F-3543C760C51C}] => (Allow) D:\SteamLibrary\steamapps\common\High Entropy Challenges\HighEntropy.exe () [Archivo no firmado]
FirewallRules: [{5D83CFA2-F8D2-4861-AFA7-900EBE67F242}] => (Allow) D:\SteamLibrary\steamapps\common\High Entropy Challenges\HighEntropy.exe () [Archivo no firmado]
FirewallRules: [{F68EAC9A-622E-40FE-99CA-577E07F4A477}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{AF57273D-4439-4214-9455-CBC837FC1E3C}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{3C050DC1-E322-435F-86FB-59F07C3B9A47}C:\users\nacho\appdata\local\programs\microsoft vs code\code.exe] => (Block) C:\users\nacho\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{18E8776B-8AF2-4EC8-B0C2-A565108F0CB7}C:\users\nacho\appdata\local\programs\microsoft vs code\code.exe] => (Block) C:\users\nacho\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D364C854-2CB5-4456-B44B-7CA35D15D032}C:\users\nacho\appdata\local\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\users\nacho\appdata\local\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [UDP Query User{AEFAE8E0-E1CD-47A2-B66D-61675C431086}C:\users\nacho\appdata\local\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\users\nacho\appdata\local\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{9F450284-D9A5-4E1D-B6AD-B33BC6ED39B1}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Archivo no firmado]
FirewallRules: [{495075B9-96AC-4EED-9DA0-D06F3D2E099D}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [Archivo no firmado]
FirewallRules: [{0EBD2DC6-C8C6-48A7-940D-5AF55AC002B1}] => (Allow) D:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe () [Archivo no firmado]
FirewallRules: [{E34752F5-A03F-4CE9-9E13-B30B51166D9C}] => (Allow) D:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe () [Archivo no firmado]
FirewallRules: [{E397E049-A728-437C-B1D2-57F67CC42917}] => (Allow) D:\SteamLibrary\steamapps\common\Broforce The Expendables Missions\Expendabros.exe () [Archivo no firmado]
FirewallRules: [{CD8A2437-BDBB-42EB-8C4A-731724A554F9}] => (Allow) D:\SteamLibrary\steamapps\common\Broforce The Expendables Missions\Expendabros.exe () [Archivo no firmado]
FirewallRules: [{4E57B0E0-AE6F-481C-BA67-52C722F0ADC8}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [Archivo no firmado]
FirewallRules: [{1B3C31DC-5450-4342-9F3E-05CF29EF7E7C}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [Archivo no firmado]
FirewallRules: [{22E8DFFC-C03A-4330-9B17-5440AF31026C}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe => Ningún archivo
FirewallRules: [{CE1EFB5E-3092-4A6A-BD70-4883576D2D37}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe => Ningún archivo
FirewallRules: [{03EA2082-140E-416B-AAFE-345B3612A09D}] => (Allow) D:\SteamLibrary\steamapps\common\Gladio and Glory\Gladio and Glory\Gladio and Glory.exe => Ningún archivo
FirewallRules: [{FE9565C1-A554-4D13-A0A1-93EFF00FB64F}] => (Allow) D:\SteamLibrary\steamapps\common\Gladio and Glory\Gladio and Glory\Gladio and Glory.exe => Ningún archivo
FirewallRules: [{F10C222E-741F-4642-A407-1A4794BEE579}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{15A2C2A7-0E23-4EDC-BD1E-AAF846CDF89C}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{2A9C6FC3-4891-426B-A317-399CE5AA5792}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{C796E28E-C4A4-4ECE-AD25-8FDD5F54D574}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{9B3D6D68-738F-48C2-9C71-1CBAD5843C0E}] => (Allow) D:\SteamLibrary\steamapps\common\POLYWAR\Polywar.exe () [Archivo no firmado]
FirewallRules: [{01C34843-4019-4C3C-BC6C-9A2AE45C7ACA}] => (Allow) D:\SteamLibrary\steamapps\common\POLYWAR\Polywar.exe () [Archivo no firmado]
FirewallRules: [{F8344D58-DE3D-47B6-85C7-4994984E64FA}] => (Allow) D:\SteamLibrary\steamapps\common\Enclave\Enclave.exe (Starbreeze Studios) [Archivo no firmado]
FirewallRules: [{3C42DA78-3E59-4C25-BB23-1541F7CB4176}] => (Allow) D:\SteamLibrary\steamapps\common\Enclave\Enclave.exe (Starbreeze Studios) [Archivo no firmado]
FirewallRules: [{57ACE54D-6B73-47F1-BB13-8F554C51FD2E}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{420EDE3B-A25C-4D8E-BCF6-992579BD6F6F}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{EF08AC62-C00B-4C0A-B804-E44FA9879067}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{BDECCEC2-C925-4B7A-9C7B-072D96A4C109}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{77CB241F-47FA-4663-973E-1395C1CA500D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA097137-2592-4928-B1DD-690D78868CB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45B1A6AC-1005-4F3E-BDDE-648FCCD90442}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2BCD2B42-F65C-43D8-A6F4-10C6CDC6AA89}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B6E15834-B0DE-460C-B336-5D287A668B99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1052ED8A-8608-4444-9601-F122934C4694}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FC14CCF3-75D3-452B-9B6D-5A183F567E83}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A9876C0C-D752-496C-9C2C-BB7E964D17B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D048498F-11CC-4586-AD89-E45D2FBA0F81}] => (Allow) D:\SteamLibrary\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe (Tarsier Studios) [Archivo no firmado]
FirewallRules: [{2345F2A3-687D-4AB7-92B5-37DB76E38662}] => (Allow) D:\SteamLibrary\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe (Tarsier Studios) [Archivo no firmado]
FirewallRules: [{F9A0DF3E-576E-4864-A362-0402A4EEDDF4}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{D7DC2154-DC4D-4EE7-8763-47566C7F511C}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{820FF91E-B96D-4BA3-9F71-A226866391C4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{4C5929A9-47A2-4D9F-92E0-0833EEAE5B2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{C1C95AF0-D805-4217-9F79-B7F0B26B346C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4B7950F2-BB26-4379-8F8B-BC73AE4ABD44}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{E0CB4984-E459-47C7-98C9-3685409B6517}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{E06D2CE4-5CFD-4D1D-A3F3-61A16ECBABDF}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{1D3EE235-B182-4F75-80FF-2E39B75C65F0}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{DCE9D8B2-C33C-474C-97B3-69C253890293}] => (Allow) D:\Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{61719FE7-C316-438C-A751-09DB14277F3D}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{E11D2DE0-40F0-45DC-8426-2EDA2B9B6308}] => (Allow) D:\Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{66231F91-CE98-46EE-B255-2E656A99FDB6}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{8D7864AE-58AA-48C3-8F59-939A7A836397}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{220B795C-8A66-4215-9FEE-7FA1B7F6EE44}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{4C98C377-6543-4AA6-8E14-E8C70231AE66}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{3B1C4FFD-69DF-41A4-BB2C-FB8227B05777}] => (Allow) D:\SteamLibrary\steamapps\common\Assetto Corsa Competizione\acc.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{FB0B7AA5-AA95-4F39-9C00-FDE3826A7798}] => (Allow) D:\SteamLibrary\steamapps\common\Assetto Corsa Competizione\acc.exe (Epic Games, Inc.) [Archivo no firmado]

==================== Puntos de Restauración =========================

28-05-2021 23:52:24 Radeon Installer
30-05-2021 05:56:28 Removed Kinect for Windows Speech Recognition Language Pack (es-ES)
03-06-2021 17:45:08 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Controlador de infraestructura de virtualización de Microsoft Hyper-V
Description: Controlador de infraestructura de virtualización de Microsoft Hyper-V
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teclado PS/2 estándar
Description: Teclado PS/2 estándar
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Teclados estándar)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Mouse PS/2 de Microsoft
Description: Mouse PS/2 de Microsoft
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/07/2021 03:55:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (06/07/2021 03:55:57 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (06/07/2021 05:04:57 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (06/07/2021 04:34:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: GTA5.exe, versión: 1.0.2245.0, marca de tiempo: 0x604262e9
Nombre del módulo con errores: GTA5.exe, versión: 1.0.2245.0, marca de tiempo: 0x604262e9
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000004432d2
Identificador del proceso con errores: 0xa0c
Hora de inicio de la aplicación con errores: 0x01d75b44a2a8b198
Ruta de acceso de la aplicación con errores: D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTA5.exe
Ruta de acceso del módulo con errores: D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTA5.exe
Identificador del informe: 745c69bf-4f17-4971-8d9d-adec7b0a5614
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/07/2021 04:34:32 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: GTA5.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: código de la excepción c0000005, dirección de la excepción 00007FF7CD8C32D2

Error: (06/07/2021 04:10:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: GTA5.exe, versión: 1.0.2245.0, marca de tiempo: 0x604262e9
Nombre del módulo con errores: ntdll.dll, versión: 10.0.19041.964, marca de tiempo: 0xbd2c3c23
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000024785
Identificador del proceso con errores: 0x2fdc
Hora de inicio de la aplicación con errores: 0x01d75b1517e3c290
Ruta de acceso de la aplicación con errores: D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTA5.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 7221ee3d-c9fe-4b41-99de-bf2d22766f66
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/06/2021 10:43:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: GTA5.exe, versión: 1.0.2245.0, marca de tiempo: 0x604262e9
Nombre del módulo con errores: GTA5.exe, versión: 1.0.2245.0, marca de tiempo: 0x604262e9
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000004432d2
Identificador del proceso con errores: 0x2f94
Hora de inicio de la aplicación con errores: 0x01d75b13a2f1434e
Ruta de acceso de la aplicación con errores: D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTA5.exe
Ruta de acceso del módulo con errores: D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTA5.exe
Identificador del informe: 185ac833-0de0-4a69-b8b6-80cb1c7be7a2
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/06/2021 10:43:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: GTA5.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: código de la excepción c0000005, dirección de la excepción 00007FF7CD8C32D2


Errores del sistema:
=============
Error: (06/07/2021 04:10:29 PM) (Source: DCOM) (EventID: 10005) (User: TUPUTAMADRETEPA)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/07/2021 04:10:21 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "No disponible" para ejecutar el servidor:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/07/2021 04:10:21 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "No disponible" para ejecutar el servidor:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/07/2021 04:09:27 PM) (Source: DCOM) (EventID: 10005) (User: TUPUTAMADRETEPA)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/07/2021 04:09:18 PM) (Source: DCOM) (EventID: 10005) (User: TUPUTAMADRETEPA)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/07/2021 04:08:56 PM) (Source: DCOM) (EventID: 10005) (User: TUPUTAMADRETEPA)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/07/2021 04:07:09 PM) (Source: DCOM) (EventID: 10005) (User: TUPUTAMADRETEPA)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/07/2021 04:03:46 PM) (Source: DCOM) (EventID: 10005) (User: TUPUTAMADRETEPA)
Description: Error de DCOM "1084" al intentar iniciar el servicio BthAvctpSvc con argumentos "No disponible" para ejecutar el servidor:
{6E1F7F3E-760E-45F3-AA8F-5761ABDA272A}


Windows Defender:
================
Date: 2021-05-01 00:55:45
Description: 
El acceso controlado a carpetas bloqueó C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe para que no pueda modificar %userprofile%\Pictures.
Hora de detección: 2021-04-30T22:55:45.592Z
Usuario: TUPUTAMADRETEPA\nacho
Ruta de acceso: %userprofile%\Pictures
Nombre del proceso: C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
Versión de inteligencia de seguridad: 1.337.284.0
Versión del motor: 1.1.18100.5
Versión del producto: 4.18.2103.7

Date: 2021-04-30 22:19:48
Description: 
El acceso controlado a carpetas bloqueó C:\Program Files\Streamlabs OBS\resources\app.asar.unpacked\node_modules\obs-studio-node\obs-ffmpeg-mux.exe para que no pueda modificar %userprofile%\Videos\.
Hora de detección: 2021-04-30T20:19:48.695Z
Usuario: TUPUTAMADRETEPA\nacho
Ruta de acceso: %userprofile%\Videos\
Nombre del proceso: C:\Program Files\Streamlabs OBS\resources\app.asar.unpacked\node_modules\obs-studio-node\obs-ffmpeg-mux.exe
Versión de inteligencia de seguridad: 1.337.284.0
Versión del motor: 1.1.18100.5
Versión del producto: 4.18.2103.7

Date: 2021-04-30 22:19:40
Description: 
El acceso controlado a carpetas bloqueó C:\Program Files\Streamlabs OBS\resources\app.asar.unpacked\node_modules\obs-studio-node\obs64.exe para que no pueda modificar %userprofile%\Videos\.
Hora de detección: 2021-04-30T20:19:40.135Z
Usuario: TUPUTAMADRETEPA\nacho
Ruta de acceso: %userprofile%\Videos\
Nombre del proceso: C:\Program Files\Streamlabs OBS\resources\app.asar.unpacked\node_modules\obs-studio-node\obs64.exe
Versión de inteligencia de seguridad: 1.337.284.0
Versión del motor: 1.1.18100.5
Versión del producto: 4.18.2103.7

Date: 2021-04-30 21:41:08
Description: 
El acceso controlado a carpetas bloqueó C:\Program Files\obs-studio\bin\64bit\obs64.exe para que no pueda modificar %userprofile%\Videos.
Hora de detección: 2021-04-30T19:41:08.793Z
Usuario: TUPUTAMADRETEPA\nacho
Ruta de acceso: %userprofile%\Videos
Nombre del proceso: C:\Program Files\obs-studio\bin\64bit\obs64.exe
Versión de inteligencia de seguridad: 1.337.284.0
Versión del motor: 1.1.18100.5
Versión del producto: 4.18.2103.7

Date: 2021-04-30 20:35:25
Description: 
El acceso controlado a carpetas bloqueó C:\Program Files\Rockstar Games\Launcher\Launcher.exe para que no pueda modificar %userprofile%\Documents\Rockstar Games\Launcher\.
Hora de detección: 2021-04-30T18:35:25.344Z
Usuario: TUPUTAMADRETEPA\nacho
Ruta de acceso: %userprofile%\Documents\Rockstar Games\Launcher\
Nombre del proceso: C:\Program Files\Rockstar Games\Launcher\Launcher.exe
Versión de inteligencia de seguridad: 1.337.284.0
Versión del motor: 1.1.18100.5
Versión del producto: 4.18.2103.7

Date: 2021-05-13 22:52:41
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.337.390.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18100.5
Código de error: 0x80070643
Descripción del error: Error irrecuperable durante la instalación. 

Date: 2021-05-13 22:52:40
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.339.615.0
Versión anterior de inteligencia de seguridad: 1.337.390.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.18100.6
Versión anterior del motor: 1.1.18100.5
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2021-05-13 22:52:40
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.339.615.0
Versión anterior de inteligencia de seguridad: 1.337.390.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.18100.6
Versión anterior del motor: 1.1.18100.5
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2021-05-13 22:52:40
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor: 1.1.18100.6
Versión de motor anterior: 1.1.18100.5
Usuario: NT AUTHORITY\SYSTEM
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

CodeIntegrity:
===============
Date: 2021-06-07 15:55:53
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\bdamsi\265319768856167693\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-06-07 15:55:53
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender Security\bdamsi\265319768856167693\antimalware_provider64.dll that did not meet the Windows signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F60e 12/09/2020
Placa base: Gigabyte Technology Co., Ltd. B450M DS3H-CF
Procesador: AMD Ryzen 5 2600 Six-Core Processor 
Porcentaje de memoria en uso: 14%
RAM física total: 15319.04 MB
RAM física disponible: 13086.9 MB
Virtual total: 25559.04 MB
Virtual disponible: 22495.57 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:446.5 GB) (Free:97.22 GB) NTFS
Drive d: () (Fixed) (Total:2047.87 GB) (Free:1131.33 GB) NTFS
Drive g: () (Removable) (Total:57.3 GB) (Free:42.92 GB) NTFS

\\?\Volume{86ef8ca0-cc5f-44ac-b85d-6b68440cb1b7}\ (Recuperación) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{1cc5e82a-b0a6-43f0-a8bb-840014101fbf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 0217742E)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 57.3 GB) (Disk ID: 0499F933)
Partition 1: (Not Active) - (Size=57.3 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.

==================== Final de Addition.txt =======================

MMI1 · 7 Junio, 2021 14:20

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 06-06-2021
Ejecutado por nacho (administrador) sobre TUPUTAMADRETEPA (Gigabyte Technology Co., Ltd. B450M DS3H) (07-06-2021 16:10:12)
Ejecutado desde D:\apps\SECURITY
Perfiles cargados: nacho
Platform: Windows 10 Pro Versión 21H1 19043.985 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Brave
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\Application\brave.exe <16>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Tweaking LLC -> Tweaking.com) D:\apps\SECURITY\tweaking.com_windows_repair_aio\Tweaking.com - Windows Repair\WR_Tray_Icon.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-04-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [954456 2021-05-20] (Bitdefender SRL -> Bitdefender)
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-05-19] (Valve -> Valve Corporation)
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\Run: [Launcher] => C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe [507288 2021-06-01] (Rockstar Games, Inc. -> Rockstar Games)
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792288 2021-06-02] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144824 2021-06-03] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\Run: [Snap Camera] => C:\Program Files\Snap Inc\Snap Camera\Snap Camera.exe [60191960 2021-05-25] (Snapchat Inc. (Snap Inc.) -> Snap Inc)
HKU\S-1-5-21-3727005302-3991227866-2028133701-1001\...\Policies\Explorer: [NoSaveSettings] 0
BootExecute: autocheck autochk *  BootDefrag.exe
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1A98BB02-1B05-485B-B1B9-C54521E69E00} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {48A3DA97-2CCB-47ED-BCFC-D2B6E6E8EBFC} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {59176364-AE51-43A9-86EC-72A09D9EAC66} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [954456 2021-05-20] (Bitdefender SRL -> Bitdefender)
Task: {59E1A086-D0A2-4149-B69B-85BDD7A33BF6} - System32\Tasks\GlaryOneClickOptimizer 4 => C:\Program Files (x86)\Glary Utilities 4\OneClickMaintenance.exe [227104 2014-03-17] (Glarysoft Ltd -> Glarysoft Ltd)
Task: {6710FD85-B72C-4D7B-A989-B09B3B1D1A5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {7636B9AB-EDEE-4EBB-870A-3DB82211BB17} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3727005302-3991227866-2028133701-1001Core => C:\Users\nacho\AppData\Local\BraveSoftware\Update\BraveUpdate.exe [163528 2020-10-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {77682B9E-A283-4B91-9199-D0964C657506} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {A52C8FF2-CE3E-4873-8E3D-1AEB4B391CC2} - System32\Tasks\GlaryInitialize 4 => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe [101152 2014-03-17] (Glarysoft Ltd -> Glarysoft Ltd)
Task: {BDE272D8-935A-4BFA-8C97-47FF73603E01} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender)
Task: {D52E8F77-4020-410C-BE3C-F6B78671D500} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D71CCF15-6F28-4F63-9B9D-DBF581135546} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3727005302-3991227866-2028133701-1001UA => C:\Users\nacho\AppData\Local\BraveSoftware\Update\BraveUpdate.exe [163528 2020-10-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {E566750D-234A-4F33-A09E-72AB4F1798C1} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [47104 2021-05-11] (Advanced Micro Devices, Inc.) [Archivo no firmado]
Task: {EADCECFF-A4CD-4062-B643-33270A8B2F93} - System32\Tasks\GU4SkipUAC => C:\Program Files (x86)\Glary Utilities 4\Integrator.exe [785184 2014-03-17] (Glarysoft Ltd -> Glarysoft Ltd)
Task: {EB263E83-8F33-4AFA-A099-940096DBA494} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\users\nacho\appdata\local\bravesoftware\brave-browser\application\brave.exe [2256328 2021-06-03] (Brave Software, Inc. -> Brave Software, Inc.)
Task: {F9858875-B511-4461-BF2B-B38C6D0985D5} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {FED6E336-A465-438B-947C-2B68D4EC5436} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: C:\WINDOWS\Tasks\GlaryOneClickOptimizer 4.job => C:\Program Files (x86)\Glary Utilities 4\OneClickMaintenance.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{1e694442-7b0e-4bfc-b6e3-4d6e33908c6c}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{a67ecd52-de87-4008-b3e9-2c4fc64ec9cb}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{dba7fe4d-6639-4cfe-a499-00e15adc9a67}: [DhcpNameServer] 80.58.61.254 80.58.61.250

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\nacho\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-07]
Edge Extension: (KeyFind) - C:\Users\nacho\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nnoidofbgkmeabamdgclicncakljkoin [2021-04-09]
Edge Profile: C:\Users\nacho\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2021-05-26]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: jpq9uslk.default
FF DefaultProfile: 3722zr8u.default
FF ProfilePath: C:\Users\nacho\AppData\Roaming\Waterfox\Profiles\jpq9uslk.default [2020-11-24]
FF ProfilePath: C:\Users\nacho\AppData\Roaming\Waterfox\Profiles\8zxj3nyd.68-edition-default [2020-11-24]
FF ProfilePath: C:\Users\nacho\AppData\Roaming\Mozilla\Firefox\Profiles\3722zr8u.default [2021-05-26]
FF ProfilePath: C:\Users\nacho\AppData\Roaming\Mozilla\Firefox\Profiles\0lx8m3jz.default-release [2021-06-06]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2020-07-16] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-09-17] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2021-04-28] [Heredado] [no firmado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-04-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-04-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-04-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Archivo no firmado]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-04-05] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default [2021-05-26]
CHR Extension: (Presentaciones) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-21]
CHR Extension: (Documentos) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-21]
CHR Extension: (Google Drive) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-21]
CHR Extension: (YouTube) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-21]
CHR Extension: (Avira Password Manager) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-05-21]
CHR Extension: (Avira Safe Shopping) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-05-21]
CHR Extension: (Hojas de cálculo) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-21]
CHR Extension: (Avira Navegación segura) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-05-21]
CHR Extension: (Bitdefender Wallet) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2021-05-21]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-21]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-05-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-21]
CHR Extension: (Gmail) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-21]
CHR Extension: (Chrome Media Router) - C:\Users\nacho\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-21]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

Brave: 
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-06-07]
BRA Notifications: Default -> hxxps://forospyware.com
BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave
BRA DefaultSearchKeyword: Default -> :d
BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list
BRA Extension: (Traductor de Google) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-10-27]
BRA Extension: (The FFZ Add-On Pack) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aiimboljphncldaakcnapfolgnjonlea [2021-05-26]
BRA Extension: (BetterTTV) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-05-24]
BRA Extension: (Avira Password Manager) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-06-06]
BRA Extension: (Avira Safe Shopping) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-04-10]
BRA Extension: (uBlock Origin) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-08]
BRA Extension: (FrankerFaceZ) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-10-26]
BRA Extension: (Bitdefender Wallet) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2021-05-26]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-04]
BRA Extension: (Chrome Media Router) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-28]
BRA Extension: (Twitch - Auto Channel Points) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pnifeididimfpaomnnellcfjnjmgoepk [2021-05-19]
BRA Profile: C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\System Profile [2021-06-06]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-01-29]
BRA Extension: (Brave Ad Block Updater (ABP X Files)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\agfanagdjcijocanbeednbhclejcjlfo [2021-06-07]
BRA Extension: (Brave Ads Resources) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\ahiocclicnhmiobhocikfdamfccbehhn [2021-05-25]
BRA Extension: (Brave NTP sponsored images) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\alkblaadjjijngaehljijdimckobegga [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Oficjalne Polskie Filtry Przeciwko Alertom o Adblocku)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\baophminpaegfihdcekehejfhpmjimle [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-06-07]
BRA Extension: (Brave Ad Block Updater (ABPVN List)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\cklgijeopkpaadeipkhdaodemoenlene [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Bulgarian Adblock list)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\coofeapfgmpkchclgdphgpmfhmnplbpn [2021-06-07]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2021-05-01]
BRA Extension: (Brave Ad Block Updater (IRN: AdBlock Iran Filter)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\dbcccdegkijbppmeaihneimbghfghkdl [2021-06-07]
BRA Extension: (Brave Ad Block Updater (YousList)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\djhjpnilfflibdflbkgapjfldapkjcgl [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Adblock Plus Lithuania)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\dkbmlhggeoegbkimcafbfhjibdknflnj [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Adguard Russian Filter)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\dmoefgliihlcfplldbllllbofegmojne [2021-06-07]
BRA Extension: (Brave Ad Block Updater (ABPindo)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\egooomckhdgnfbpofhkbhbkiejaihdll [2021-06-07]
BRA Extension: (Brave Ads Resources) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\elecgkckipdmnkkgndidemmdhdcdfhnp [2021-05-28]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2021-06-07]
BRA Extension: (Brave Ad Block Updater (RU AdList (Дополнительная региональная подписка))) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\enkheaiicpeffbfgjiklngbpkilnbkoi [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Schacks Adblock Plus liste)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\facajiciiepdpjnoifonbfgcnlbpbieo [2021-06-07]
BRA Extension: (Brave Ad Block Updater (EasyList Germany)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\faknfgalcghekhfggcdikddilkpjbonh [2021-06-07]
BRA Extension: (Brave Ad Block Updater (EasyList Dutch)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\fbmjnabmpmfnfknjmbegjmjigmelggmf [2021-06-07]
BRA Extension: (Brave Ad Block Updater (BitBlock List (Дополнительная подписка фильтров))) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\fmcofgdkijoanfaodpdfjipdgnjbiolk [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Eesti saitidele kohandatud filter)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\fnpjliiiicbbpkfihnggnmobcpppjhlj [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Hufilter)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\gemncmbgjgcjjepjkindgdhdilnaanlc [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Adguard Japanese filters (日本用フィルタ))) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\ghnjmapememheddlfgmklijahiofgkea [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Liste AR)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\gpgegghiabhggiplapgdfnfcmodkccji [2021-06-07]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2020-10-26]
BRA Extension: (Brave Ad Block Updater (EasyList Hebrew)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\hjeidaaocognlgpdkfeenmiefipcffbo [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Latvian List)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\hmabmnondepbfogenlfklniehjedmicd [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Romanian Ad (ROad) Block List Light)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\hojdjlebfkngledgkgecohjkjjojaekd [2021-06-07]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-05-05]
BRA Extension: (Brave Ad Block Updater (Fanboy's India Filters)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\jnnbjhbkmgggeoplhadmppaeddmeapla [2021-06-07]
BRA Extension: (Brave Ad Block Updater (EasyList Thailand)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\jplgiejfnpolnfnigblbfeeidoimingd [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Adguard Spanish/Portuguese)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\jpolmkeojnkicccihhepfbkhcbicimpa [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Dandelion Sprout's Nordic Filters)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\kcffflkhcncgnbmgdhcgjfogpoacfied [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Finnish Addition to Easylist)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\kdcalgmhljnckmnfcboeabeepgnlaemf [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Slovenian List)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\lddghfaofadfpaajgncgkbjhalgohfkd [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Easylist-Cookie List - Filter Obtrusive Cookie Notices)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfgnenkkneohplacnfabidofpgcdpofm [2021-06-07]
BRA Extension: (Brave Ad Block Updater (CJX's EasyList Lite (main focus on Chinese sites))) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\lgfeompbgommiobcenmodekodmdajcal [2021-06-07]
BRA Extension: (Brave Ad Block Updater (EasyList China (中文))) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\llhecljkijgcaalnbfadljdpkpbehakp [2021-06-07]
BRA Extension: (Brave Ad Block Updater (CJX's Annoyance List)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\llpoppgpcimnmhgehpipdmamalmpfbjd [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Oficjalne Polskie Filtry Przeciwko Alertom o Adblocku - Uzupełnienie)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\ndgeclhidhlfgmjdcapejaldbahmkgbi [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Icelandic ABP List)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\njhlaafgablgnekjaodhgbaomabjibaf [2021-06-07]
BRA Extension: (Brave Ad Block Updater (EasyList Italy)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\nkmllpnhpfieajahfpfmjneipnddhimi [2021-06-07]
BRA Extension: (Crypto Wallets) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2020-12-04]
BRA Extension: (Brave Ad Block Updater (Fanboy's Korean)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\oidcknjcjepjgfpammgdalpnjefekhge [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Frellwit's Filter List)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\oimfmeehpinnecjghphifehbbnddjkmf [2021-06-07]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-06-07]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-06-02]
BRA Extension: (Brave Ad Block Updater (Adguard Turkish Filter)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\oooemoeokehlgldpjjhcgbndjcekllim [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Oficjalne Polskie Filtry do AdBlocka, uBlocka Origin i AdGuarda)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\paoecjnjjbclkgbempaeemcbeldldlbo [2021-06-07]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\pdecoifadfkklajdlmndjpkhabpklldh [2021-06-07]
BRA Extension: (Brave Ad Block Updater (Greek AdBlock Filter)) - C:\Users\nacho\AppData\Local\BraveSoftware\Brave-Browser\User Data\pmgkiiodjlmmpimpmphjhkodjnjfkeke [2021-06-07]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2021-04-05] (Adobe Inc. -> Adobe Inc.)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [198256 2021-01-26] (Pango Inc. -> AnchorFree Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [798640 2020-10-02] (Bitdefender SRL -> Bitdefender)
S2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [798640 2020-10-02] (Bitdefender SRL -> Bitdefender)
S2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2161256 2018-03-22] (Bitdefender SRL -> Bitdefender)
S2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [246888 2021-05-13] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-02-28] (BattlEye Innovations e.K. -> )
S2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
S2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421536 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [80544 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-12-03] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
S2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10605472 2021-06-02] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-29] (Malwarebytes Inc -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [21753376 2021-05-04] (Mail.Ru LLC -> LLC Mail.Ru)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2547344 2021-06-03] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3487384 2021-06-03] (Electronic Arts, Inc. -> Electronic Arts)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2021-06-03] (Even Balance, Inc. -> )
S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13688656 2021-03-24] (Adlice -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2219416 2021-06-01] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [301144 2021-05-20] (Bitdefender SRL -> Bitdefender)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2020-07-09] (Oracle Corporation -> Oracle Corporation)
S2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [798640 2020-10-02] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1001736 2020-12-18] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0367492.inf_amd64_dc9dba40afc0f9b5\B367342\amdkmdag.sys [82687824 2021-05-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2718744 2021-02-26] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
S2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2020-01-17] (Bitdefender SRL -> © Bitdefender SRL)
S1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-04-27] (Bitdefender SRL -> BitDefender)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
S2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-06-07] (CPUID S.A.R.L.U. -> CPUID)
S1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 gdrv; C:\WINDOWS\gdrv.sys [25640 2021-01-29] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2020-11-27] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [488592 2021-02-16] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
S1 gvm; C:\WINDOWS\system32\DRIVERS\gvm.sys [386040 2020-11-15] (Google LLC -> Google LLC)
S0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [195232 2020-09-03] (Bitdefender SRL -> BitDefender LLC)
S1 HWiNFO_153; C:\WINDOWS\system32\drivers\HWiNFO64A_153.SYS [64240 2020-12-24] (Martin Malik - REALiX -> REALiX(tm))
S2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [185312 2020-10-07] (Bitdefender SRL -> Bitdefender)
S3 Larmkanal; C:\WINDOWS\System32\drivers\Larmkanal.sys [33144 2015-04-23] (ADORIASOFT LLC -> Adoriasoft LLC)
S2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [22864 2021-06-02] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-04-16] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-04-16] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-04-16] (Logitech Inc -> Logitech)
R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-06] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-07] (Malwarebytes Inc -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [20986200 2021-05-04] (Mail.Ru LLC -> LLC Mail.Ru)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [641728 2021-02-26] (Bitdefender SRL -> Bitdefender)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237376 2020-07-10] (Oracle Corporation -> Oracle Corporation)
S1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248248 2020-07-10] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [175040 2020-07-10] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [118800 2020-09-16] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S0 BootDefragDriver; System32\drivers\BootDefragDriver.sys [X]

MMI1 · 7 Junio, 2021 14:20

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2040-05-12 06:08 - 2040-05-12 06:08 - 000000000 ___HD C:\Users\nacho\MicrosoftEdgeBackups
2040-05-12 06:07 - 2020-11-07 03:13 - 000000000 ___RD C:\Users\nacho\OneDrive
2040-05-12 06:05 - 2021-04-10 23:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2040-05-12 06:05 - 2021-03-13 16:26 - 000000000 ___RD C:\Users\nacho\3D Objects
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Public\Documents\Mi música
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\Reciente
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\Plantillas
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\Mis documentos
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\Menú Inicio
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\Impresoras
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\Entorno de red
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\Documents\Mi música
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\Datos de programa
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\Configuración local
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Documents and Settings
2040-05-12 05:54 - 2040-05-12 05:54 - 000000000 _SHDL C:\Archivos de programa
2021-06-07 05:04 - 2021-06-07 05:04 - 000000000 ____D C:\Users\nacho\AppData\Local\Snap
2021-06-07 05:04 - 2021-06-07 05:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snap Inc
2021-06-07 05:04 - 2020-10-12 21:08 - 002800232 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\SnapCameraVirtualDevice.sys
2021-06-07 05:03 - 2021-06-07 05:03 - 000000000 ____D C:\Program Files\Snap Inc
2021-06-06 21:35 - 2021-06-06 21:35 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-06 16:57 - 2021-06-06 16:57 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2021-06-06 16:56 - 2021-06-06 16:56 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-06-06 16:53 - 2021-06-06 16:55 - 000013021 _____ C:\Users\nacho\Desktop\Fixlog.txt
2021-06-06 16:53 - 2021-06-06 16:51 - 002300416 _____ (Farbar) C:\Users\nacho\Desktop\FRST64.exe
2021-06-06 16:43 - 2021-06-06 16:43 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-TUPUTAMADRETEPA-Windows-10-Pro-(64-bit).dat
2021-06-06 16:43 - 2021-06-06 16:43 - 000000000 ____D C:\RegBackup
2021-06-06 16:41 - 2021-06-06 16:41 - 000002312 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2021-06-06 16:41 - 2021-06-06 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2021-06-06 16:41 - 2021-06-06 16:41 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2021-06-06 16:40 - 2021-06-06 16:41 - 000019826 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2021-06-06 16:39 - 2021-06-06 16:39 - 000000000 ___HD C:\kleaner.tmp
2021-06-06 16:36 - 2021-05-31 21:53 - 000078105 _____ C:\Users\nacho\Desktop\FRST.txt
2021-06-05 20:34 - 2021-06-05 20:39 - 000000000 ____D C:\ProgramData\ADiag
2021-06-05 20:34 - 2021-06-05 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diag
2021-06-05 20:34 - 2021-06-05 20:34 - 000000000 ____D C:\Program Files\Diag
2021-06-05 19:56 - 2021-06-05 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-06-05 19:56 - 2021-06-05 19:56 - 000000000 ____D C:\Program Files\RogueKiller
2021-06-05 19:55 - 2021-06-05 20:01 - 000000000 ____D C:\ProgramData\RogueKiller
2021-06-05 12:57 - 2021-06-05 14:15 - 000000000 ____D C:\Users\nacho\AppData\Local\Amazon Games
2021-06-03 21:40 - 2021-06-03 21:47 - 000000000 ____D C:\Users\nacho\Documents\Battlefield 4
2021-06-03 17:46 - 2021-06-03 17:46 - 000000732 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2021-06-03 17:46 - 2021-06-03 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2021-06-03 17:46 - 2021-06-03 17:46 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2021-06-03 17:34 - 2021-06-03 17:34 - 000000000 ___HD C:\Users\nacho\Desktop\FarCry 5
2021-06-03 17:32 - 2021-06-07 15:59 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-06-03 17:31 - 2021-06-03 17:46 - 000000000 ____D C:\ProgramData\Electronic Arts
2021-06-03 17:31 - 2021-06-03 17:31 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
2021-06-03 17:31 - 2021-06-03 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2021-06-03 17:31 - 2021-06-03 17:31 - 000000000 ____D C:\Program Files (x86)\Origin
2021-06-03 17:30 - 2021-06-07 15:59 - 000000000 ____D C:\Users\nacho\AppData\Roaming\Origin
2021-06-02 23:58 - 2021-06-02 23:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-06-02 23:58 - 2021-06-02 23:58 - 000000000 ____D C:\Program Files\LGHUB
2021-06-02 23:16 - 2021-06-02 23:23 - 000000372 _____ C:\Users\nacho\Desktop\RECETA VASCO .txt
2021-05-30 20:20 - 2021-05-30 20:33 - 000000000 ____D C:\Users\nacho\AppData\Roaming\Vortex
2021-05-30 20:20 - 2021-05-30 20:20 - 000002056 _____ C:\Users\Public\Desktop\Vortex.lnk
2021-05-30 20:20 - 2021-05-30 20:20 - 000000000 ____D C:\ProgramData\Vortex
2021-05-30 20:20 - 2021-05-30 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd
2021-05-30 20:20 - 2021-05-30 20:20 - 000000000 ____D C:\Program Files\Black Tree Gaming Ltd
2021-05-30 17:02 - 2021-05-30 17:09 - 000000000 ____D C:\FSTool
2021-05-30 05:38 - 2021-05-30 05:38 - 000000000 ____D C:\Users\nacho\AppData\LocalLow\Kinetic Games
2021-05-29 18:14 - 2021-05-29 20:22 - 000003360 _____ C:\Users\nacho\Desktop\REAPASO EXAMEN SISTEMAS.txt
2021-05-29 18:14 - 2021-05-29 18:56 - 000001610 _____ C:\Users\nacho\Desktop\IDEA .txt
2021-05-29 13:08 - 2021-05-29 13:08 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\4662424E.sys
2021-05-29 12:59 - 2021-06-07 16:00 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-29 12:59 - 2021-05-29 12:59 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-29 12:59 - 2021-05-29 12:59 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-29 12:59 - 2021-05-29 12:59 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-29 12:58 - 2021-05-29 12:58 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-29 00:00 - 2021-05-29 00:00 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-05-28 23:56 - 2021-05-28 23:56 - 000003106 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-05-28 23:56 - 2021-05-28 23:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-05-28 23:55 - 2021-05-28 23:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Link For Windows
2021-05-28 23:55 - 2021-05-28 23:55 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-05-28 23:55 - 2021-05-28 23:55 - 000002622 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2021-05-28 23:55 - 2021-05-28 23:55 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-05-28 23:55 - 2021-05-28 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-05-28 20:06 - 2021-05-28 20:06 - 000000342 _____ C:\Users\nacho\Documents\ESET.txt
2021-05-28 16:57 - 2021-05-28 16:59 - 000001946 _____ C:\Users\nacho\Desktop\Rkill.txt
2021-05-26 20:05 - 2021-05-26 20:05 - 000003025 _____ C:\Users\nacho\Desktop\Nuevo documento de texto (2).txt
2021-05-26 20:04 - 2021-05-26 20:05 - 000003552 _____ C:\Users\nacho\Desktop\Nuevo documento de texto.txt
2021-05-26 19:21 - 2021-05-26 19:21 - 003255448 _____ (Nicolas Coolman) C:\Users\nacho\Downloads\ZHPCleaner.exe
2021-05-26 19:21 - 2021-05-26 19:21 - 000000920 _____ C:\Users\nacho\Desktop\ZHPCleaner.lnk
2021-05-26 19:21 - 2021-05-26 19:21 - 000000000 ____D C:\Users\nacho\AppData\Local\ZHP
2021-05-26 19:04 - 2021-05-26 21:27 - 000000000 ____D C:\Program Files\CCleaner
2021-05-26 19:03 - 2021-05-26 19:03 - 030972600 _____ (Piriform Software Ltd) C:\Users\nacho\Downloads\ccsetup577.exe
2021-05-26 06:07 - 2021-05-26 06:07 - 000000000 ___HD C:\$SysReset
2021-05-26 04:34 - 2021-05-26 04:43 - 000334912 _____ C:\TDSSKiller.3.1.0.28_26.05.2021_04.34.55_log.txt
2021-05-26 04:33 - 2021-05-26 04:33 - 000334594 _____ C:\TDSSKiller.3.1.0.28_26.05.2021_04.33.10_log.txt
2021-05-26 04:32 - 2021-05-26 04:32 - 000010396 _____ C:\TDSSKiller.3.1.0.28_26.05.2021_04.32.24_log.txt
2021-05-26 02:41 - 2021-05-26 02:41 - 000002239 _____ C:\Users\Public\Desktop\RSI Launcher.lnk
2021-05-26 02:41 - 2021-05-26 02:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roberts Space Industries
2021-05-26 02:40 - 2021-05-26 02:40 - 109452464 _____ (Cloud Imperium Games) C:\Users\nacho\Downloads\RSI-Setup-1.4.10.exe
2021-05-25 21:00 - 2021-05-25 21:00 - 000000000 ____D C:\Users\nacho\AppData\Roaming\twitch-desktop-electron-platform
2021-05-25 20:40 - 2021-05-25 20:40 - 158111880 _____ (StreamElements) C:\Users\nacho\Downloads\obs-streamelements-setup.exe
2021-05-25 18:36 - 2021-06-01 15:35 - 000002283 _____ C:\Users\nacho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\yuzu.lnk
2021-05-25 18:36 - 2021-06-01 15:35 - 000000000 ____D C:\Users\nacho\AppData\Roaming\yuzu
2021-05-25 18:36 - 2021-06-01 15:34 - 000000000 ____D C:\Users\nacho\AppData\Local\yuzu
2021-05-25 18:36 - 2021-05-25 18:36 - 000001365 _____ C:\Users\nacho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\yuzu Maintenance Tool.lnk
2021-05-25 17:58 - 2021-05-25 17:58 - 000000000 ____D C:\Users\nacho\Downloads\idle_master_extended_v1.7
2021-05-25 17:58 - 2021-05-25 17:58 - 000000000 ____D C:\Users\nacho\AppData\Local\IdleMasterExtended
2021-05-25 05:09 - 2021-06-07 15:59 - 000000000 ____D C:\Users\nacho\AppData\Local\Origin
2021-05-24 05:43 - 2021-05-24 05:44 - 000000562 _____ C:\TDSSKiller.3.1.0.28_24.05.2021_05.43.59_log.txt
2021-05-23 14:15 - 2021-05-23 15:00 - 000000000 ____D C:\Users\nacho\BrawlhallaReplays
2021-05-23 06:53 - 2021-05-23 06:53 - 000000000 ____D C:\Users\nacho\Documents\Horizon Zero Dawn
2021-05-23 03:40 - 2021-05-23 05:55 - 000000000 ____D C:\Users\nacho\Documents\The Witcher 3
2021-05-23 02:00 - 2021-05-25 05:48 - 000032768 _____ C:\Users\Public\Documents\crash_dump.bin
2021-05-22 18:15 - 2021-05-22 18:16 - 000000000 ____D C:\Users\nacho\AppData\Roaming\BrawlhallaAir
2021-05-22 16:56 - 2021-06-06 16:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-22 16:56 - 2021-05-22 16:56 - 000000000 ____D C:\Users\nacho\AppData\Local\Mozilla
2021-05-22 16:18 - 2021-05-22 16:18 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\162271B3.sys
2021-05-22 06:33 - 2021-05-22 06:33 - 000000000 ____D C:\Users\nacho\AppData\LocalLow\BinaryNonsense
2021-05-22 06:08 - 2021-05-22 06:08 - 000000000 ____D C:\Users\nacho\AppData\LocalLow\Adi Zhavo
2021-05-21 22:48 - 2021-05-21 22:48 - 000000000 ____D C:\ProgramData\Codemasters
2021-05-21 20:37 - 2021-05-21 20:37 - 000000000 ____D C:\Users\nacho\AppData\LocalLow\Baked Games
2021-05-21 15:12 - 2021-05-21 15:12 - 000000000 ____D C:\Users\nacho\AppData\Local\WorldOfWarships
2021-05-21 01:29 - 2021-05-21 01:32 - 000000000 ____D C:\Program Files (x86)\Google
2021-05-20 03:55 - 2021-05-20 03:55 - 000779932 _____ C:\ProgramData\cl.1621475567.bdinstall.v2.bin
2021-05-20 03:55 - 2021-05-20 03:55 - 000104068 _____ C:\ProgramData\cl.kit.1621475566.bdinstall.v2.bin
2021-05-20 03:55 - 2021-05-20 03:55 - 000003420 _____ C:\WINDOWS\system32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2021-05-20 03:53 - 2021-05-20 04:23 - 000000000 ____D C:\ProgramData\Bitdefender
2021-05-20 03:53 - 2021-05-20 03:53 - 000000000 ____D C:\Users\nacho\AppData\Roaming\Bitdefender
2021-05-20 03:53 - 2021-05-20 03:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2021-05-20 03:53 - 2021-02-26 18:31 - 000641728 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2021-05-20 03:53 - 2021-02-26 13:40 - 002718744 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2021-05-20 03:53 - 2021-02-16 15:31 - 000488592 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2021-05-20 03:53 - 2020-12-18 02:33 - 000022976 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2021-05-20 03:53 - 2020-12-04 16:15 - 000802976 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2021-05-20 03:53 - 2020-10-07 11:30 - 000185312 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2021-05-20 03:53 - 2020-09-03 05:20 - 000195232 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2021-05-20 03:53 - 2020-01-17 03:03 - 000046056 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
2021-05-20 03:52 - 2021-05-20 03:53 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2021-05-20 03:52 - 2021-05-20 03:52 - 000088748 _____ C:\ProgramData\agent.update.1621475526.bdinstall.v2.bin
2021-05-19 18:00 - 2021-05-19 18:04 - 000000000 ____D C:\Users\nacho\Doctor Web
2021-05-19 17:25 - 2021-05-19 17:25 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\252213F5.sys
2021-05-17 03:19 - 2021-05-17 03:19 - 001857856 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-05-17 03:19 - 2021-05-17 03:19 - 001857856 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-05-17 03:19 - 2021-05-17 03:19 - 001438536 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-05-17 03:19 - 2021-05-17 03:19 - 001438536 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-05-17 03:19 - 2021-05-17 03:19 - 001093736 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-05-17 03:19 - 2021-05-17 03:19 - 001093736 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-05-17 03:19 - 2021-05-17 03:19 - 000946904 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-05-17 03:19 - 2021-05-17 03:19 - 000946904 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-05-17 03:19 - 2021-05-17 03:19 - 000736576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-05-17 03:19 - 2021-05-17 03:19 - 000620864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-05-17 03:19 - 2021-05-17 03:19 - 000046400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-05-17 03:19 - 2021-05-17 03:19 - 000043328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000496448 _____ C:\WINDOWS\system32\GameManager64.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000492864 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-05-17 03:18 - 2021-05-17 03:18 - 000432448 _____ C:\WINDOWS\system32\EEURestart.exe
2021-05-17 03:18 - 2021-05-17 03:18 - 000346432 _____ C:\WINDOWS\system32\clinfo.exe
2021-05-17 03:18 - 2021-05-17 03:18 - 000245056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000212808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000186688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000166712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000166224 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000166208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000156480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000142144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000140600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000090432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000075072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-05-17 03:18 - 2021-05-17 03:18 - 000019880 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 081573696 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 067153744 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 005800768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 005520200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 001535312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 001331536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 000821056 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-05-17 03:17 - 2021-05-17 03:17 - 000468304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 000455992 _____ C:\WINDOWS\system32\atieah64.exe
2021-05-17 03:17 - 2021-05-17 03:17 - 000351552 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-05-17 03:17 - 2021-05-17 03:17 - 000182096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 000158360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 000149824 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 000135504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 000130896 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 000125264 _____ C:\WINDOWS\system32\atidxx64.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 000115528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 000107328 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-05-17 03:17 - 2021-05-17 03:17 - 000069952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 072481616 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 001685728 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 001365080 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 000940880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 000768336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 000546872 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 000489272 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 000466256 _____ C:\WINDOWS\system32\amdlogum.exe
2021-05-17 03:16 - 2021-05-17 03:16 - 000379704 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 000169696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 000130336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 000130336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 000108352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-05-17 03:16 - 2021-05-17 03:16 - 000108352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-05-17 03:15 - 2021-05-17 03:15 - 000136000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-05-17 03:15 - 2021-05-17 03:15 - 000120344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-05-17 03:04 - 2021-05-17 03:04 - 000000000 ____D C:\Users\nacho\AppData\Local\GIMS
2021-05-17 00:24 - 2021-05-17 00:25 - 000334942 _____ C:\TDSSKiller.3.1.0.28_17.05.2021_00.24.19_log.txt
2021-05-17 00:02 - 2021-05-17 00:02 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\C4719743.sys
2021-05-16 21:55 - 2021-05-16 23:52 - 000000000 ____D C:\Users\nacho\AppData\Local\Opera Software
2021-05-16 21:54 - 2021-05-16 23:52 - 000000000 ____D C:\Users\nacho\AppData\Roaming\Opera Software
2021-05-16 21:51 - 2021-05-16 21:51 - 000000000 ____D C:\Users\nacho\AppData\Local\Adaware
2021-05-16 21:45 - 2021-05-16 23:46 - 000000000 ____D C:\Users\nacho\AppData\Local\BitTorrentHelper
2021-05-16 21:44 - 2021-05-16 21:44 - 000000000 ____D C:\Users\nacho\AppData\Local\UTW008
2021-05-16 19:16 - 2021-05-16 19:18 - 000334806 _____ C:\TDSSKiller.3.1.0.28_16.05.2021_19.16.11_log.txt
2021-05-16 18:56 - 2021-05-16 18:56 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\4153414A.sys
2021-05-16 18:31 - 2021-05-16 18:31 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3F41342C.sys
2021-05-16 18:23 - 2021-05-24 05:45 - 000001868 _____ C:\Users\nacho\Documents\Rkill.txt
2021-05-16 02:59 - 2021-05-24 13:17 - 000000553 _____ C:\Users\nacho\Documents\JRT.txt
2021-05-13 23:23 - 2021-05-13 23:23 - 000215884 _____ C:\ProgramData\vpn.1620941008.bdinstall.v2.bin
2021-05-13 23:23 - 2021-05-13 23:23 - 000000000 ____D C:\ProgramData\Bitdefender VPN
2021-05-13 23:23 - 2021-05-13 23:23 - 000000000 ____D C:\ProgramData\AnchorFree_Inc
2021-05-13 23:02 - 2021-05-20 03:53 - 000000000 ____D C:\Program Files\Bitdefender
2021-05-13 23:01 - 2021-05-13 23:01 - 000019372 _____ C:\ProgramData\agent.1620939669.bdinstall.v2.bin
2021-05-13 22:10 - 2021-05-13 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-05-13 22:10 - 2021-05-13 23:00 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-05-13 22:10 - 2021-05-13 22:53 - 000000000 ____D C:\Program Files\Common Files\AV
2021-05-13 13:43 - 2021-05-13 13:44 - 000000000 ____D C:\AdwCleaner
2021-05-13 13:33 - 2021-05-13 13:33 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-13 13:21 - 2021-05-13 13:21 - 000000000 ____D C:\Users\Default\.dotnet
2021-05-13 11:44 - 2021-05-13 11:44 - 000000000 ____D C:\Users\nacho\AppData\Local\Publishers
2021-05-11 09:01 - 2021-05-11 09:01 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-05-11 09:01 - 2021-05-11 09:01 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-05-11 08:55 - 2021-05-11 08:55 - 059164696 _____ C:\WINDOWS\system32\amdxc64.so
2021-05-11 07:53 - 2021-05-11 07:53 - 000558136 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-05-11 07:53 - 2021-05-11 07:53 - 000558136 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-05-10 12:07 - 2021-05-10 12:07 - 000000000 ____D C:\Users\nacho\Documents\EXAMEN FINAL

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-06-07 16:10 - 2021-04-10 21:16 - 000000000 ____D C:\FRST
2021-06-07 16:04 - 2021-03-13 16:25 - 001763618 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-07 16:04 - 2019-12-07 16:55 - 000784656 _____ C:\WINDOWS\system32\perfh00A.dat
2021-06-07 16:04 - 2019-12-07 16:55 - 000154616 _____ C:\WINDOWS\system32\perfc00A.dat
2021-06-07 16:04 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-07 16:00 - 2021-04-09 15:05 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-06-07 16:00 - 2021-03-13 16:16 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-07 16:00 - 2020-10-26 23:09 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-06-07 16:00 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-07 15:59 - 2021-04-17 14:08 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 4
2021-06-07 15:59 - 2021-03-13 16:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-07 15:59 - 2020-11-14 03:32 - 000000000 ____D C:\ProgramData\Origin
2021-06-07 15:58 - 2021-04-09 15:46 - 000000000 ____D C:\Users\nacho\AppData\LocalLow\IGDump
2021-06-07 15:55 - 2020-10-27 00:35 - 000000000 ____D C:\Users\nacho\AppData\Roaming\discord
2021-06-07 15:48 - 2020-10-27 00:35 - 000000000 ____D C:\Users\nacho\AppData\Local\Discord
2021-06-07 15:47 - 2020-05-06 03:42 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-07 15:44 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-07 05:26 - 2021-01-25 22:58 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-07 04:34 - 2020-10-27 17:09 - 000000000 ____D C:\Users\nacho\AppData\Local\CrashDumps
2021-06-06 21:38 - 2020-12-09 18:33 - 000000000 ____D C:\WINDOWS\pss
2021-06-06 18:54 - 2021-03-13 16:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-06 16:55 - 2020-02-23 20:02 - 000000000 ____D C:\Users\nacho\AppData\LocalLow\Temp
2021-06-06 16:54 - 2020-10-26 23:02 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-06-06 16:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-06-06 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ELAMBKUP
2021-06-06 14:12 - 2021-03-10 19:11 - 000000000 ____D C:\Users\nacho\AppData\Roaming\vlc
2021-06-06 14:08 - 2021-04-13 20:01 - 000000000 ___HD C:\Users\nacho\Downloads\Telegram Desktop
2021-06-06 03:35 - 2020-10-28 02:32 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2021-06-05 22:58 - 2020-11-10 01:02 - 000000000 ____D C:\Users\nacho\AppData\Roaming\slobs-client
2021-06-05 17:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-05 15:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-05 02:23 - 2020-10-26 23:10 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-04 03:34 - 2020-10-26 23:28 - 000002666 _____ C:\Users\nacho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-06-04 03:34 - 2020-10-26 23:28 - 000002629 _____ C:\Users\nacho\Desktop\Brave.lnk
2021-06-03 21:40 - 2020-10-26 23:20 - 000000000 ____D C:\Users\nacho\AppData\Local\D3DSCache
2021-06-03 21:31 - 2019-12-07 11:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2021-06-03 17:46 - 2020-12-18 03:25 - 000281872 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2021-06-03 17:46 - 2020-12-18 03:25 - 000281872 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2021-06-03 17:46 - 2020-12-18 03:25 - 000076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2021-06-03 17:46 - 2020-10-27 01:38 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-03 04:07 - 2021-01-14 19:13 - 000000000 ____D C:\Users\nacho\AppData\Roaming\LGHUB
2021-06-03 04:07 - 2020-11-26 02:11 - 000000000 ____D C:\Users\nacho\AppData\Roaming\rsilauncher
2021-06-02 23:59 - 2021-01-14 19:13 - 000000000 ____D C:\Users\nacho\AppData\Local\LGHUB
2021-06-02 23:57 - 2020-11-26 20:48 - 000000000 ____D C:\ProgramData\LogiShrd
2021-06-02 04:31 - 2021-02-10 20:17 - 000000000 ____D C:\Users\nacho\AppData\Roaming\Code
2021-06-02 04:27 - 2021-02-10 20:17 - 000000000 ____D C:\Users\nacho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2021-06-01 17:11 - 2021-04-24 19:27 - 000000000 ____D C:\Users\nacho\AppData\Local\FiveM
2021-06-01 16:50 - 2020-12-19 23:35 - 000000000 ____D C:\Program Files\Rockstar Games
2021-06-01 16:50 - 2020-12-19 23:35 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-06-01 04:22 - 2020-10-27 03:22 - 000000000 ____D C:\Users\nacho\AppData\Local\Ubisoft Game Launcher
2021-05-31 19:10 - 2020-10-28 02:32 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2021-05-29 13:30 - 2021-04-18 14:02 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-05-29 12:59 - 2020-10-27 01:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-29 12:36 - 2020-10-26 23:20 - 000000000 ____D C:\Users\nacho\AppData\Local\AMD
2021-05-29 12:31 - 2019-12-14 17:07 - 000000000 ____D C:\Users\nacho\AppData\LocalLow\AMD
2021-05-28 23:55 - 2021-04-08 14:16 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-05-28 23:55 - 2020-10-27 01:33 - 000000000 ____D C:\Program Files\AMD
2021-05-28 23:50 - 2021-01-29 05:25 - 000000000 ____D C:\AMD
2021-05-28 23:46 - 2020-12-02 23:47 - 000000000 ____D C:\Users\nacho\AppData\Local\AMD_Common
2021-05-28 23:44 - 2020-06-09 03:23 - 000000000 ____D C:\Users\nacho\Documents\My Games
2021-05-28 23:16 - 2020-10-26 23:20 - 000000000 ____D C:\Users\nacho\AppData\Local\Packages
2021-05-28 16:34 - 2020-10-26 23:22 - 000000000 ____D C:\Users\nacho\AppData\Local\PlaceholderTileLogoFolder
2021-05-27 21:32 - 2021-04-19 14:02 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-05-26 22:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-26 21:38 - 2020-11-24 03:24 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-26 21:30 - 2021-02-11 23:12 - 000000000 ____D C:\Program Files\Common Files\Twitch
2021-05-26 20:10 - 2021-04-10 20:57 - 000000000 ____D C:\Users\nacho\AppData\Roaming\ZHP
2021-05-26 18:45 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-26 02:51 - 2021-02-22 20:59 - 000000000 ____D C:\Program Files\Roberts Space Industries
2021-05-25 20:57 - 2020-12-20 22:17 - 000000000 ____D C:\Users\nacho\AppData\Roaming\obs-studio
2021-05-25 20:53 - 2020-11-20 05:12 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2021-05-25 20:51 - 2021-03-12 12:46 - 000000000 ____D C:\Users\nacho\Documents\Wondershare Filmora 9
2021-05-25 20:46 - 2020-12-20 22:17 - 000000000 ____D C:\Program Files\obs-studio
2021-05-25 18:24 - 2020-10-27 00:35 - 000002276 _____ C:\Users\nacho\Desktop\Discord.lnk
2021-05-24 14:53 - 2020-11-07 22:00 - 000000000 ____D C:\Users\nacho\.VirtualBox
2021-05-24 14:53 - 2020-03-25 17:22 - 000000000 ____D C:\Users\nacho\VirtualBox VMs
2021-05-24 14:18 - 2020-10-30 01:07 - 000000000 ____D C:\ProgramData\VirtualBox
2021-05-24 13:25 - 2020-10-26 23:02 - 000000690 _____ C:\WINDOWS\system32\Drivers\etc\BackupHosts.bak
2021-05-23 14:15 - 2021-03-13 13:22 - 000000000 ____D C:\Users\nacho
2021-05-22 21:47 - 2020-03-16 14:14 - 000000000 ____D C:\Users\nacho\Documents\MARIA JOSE
2021-05-22 17:30 - 2020-01-26 03:47 - 000000000 ____D C:\Users\nacho\AppData\LocalLow\Mozilla
2021-05-22 16:56 - 2020-11-24 03:24 - 000000000 ____D C:\Users\nacho\AppData\Roaming\Mozilla
2021-05-22 16:41 - 2021-04-18 14:02 - 000000000 ____D C:\Users\nacho\Documents\mbar
2021-05-21 22:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-21 22:47 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-21 01:29 - 2020-11-15 04:46 - 000000000 ____D C:\Users\nacho\AppData\Local\Google
2021-05-20 15:23 - 2021-01-28 00:55 - 000000000 ____D C:\Program Files\Streamlabs OBS
2021-05-20 03:55 - 2021-04-17 14:12 - 000000000 ____D C:\Program Files\Bitdefender Agent
2021-05-17 03:18 - 2021-04-08 14:08 - 000379712 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-05-17 03:18 - 2021-04-08 14:08 - 000019880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-05-17 03:17 - 2021-04-08 14:08 - 001748816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-05-17 03:17 - 2021-04-08 14:08 - 001331536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-05-17 03:16 - 2021-04-08 14:08 - 000202144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-05-16 18:48 - 2020-11-16 19:27 - 000000000 ____D C:\Program Files (x86)\Notepad++
2021-05-16 15:03 - 2021-04-09 17:13 - 000000000 ____D C:\ProgramData\TEMP
2021-05-16 04:09 - 2020-11-22 03:40 - 000000000 ____D C:\Program Files (x86)\MaskVPN
2021-05-15 23:21 - 2020-10-27 03:51 - 000000000 ____D C:\Users\nacho\AppData\Roaming\.minecraft
2021-05-14 19:26 - 2021-04-14 23:33 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-05-14 00:17 - 2021-04-20 00:41 - 000000000 ____D C:\Users\nacho\AppData\Local\Enlisted
2021-05-13 22:11 - 2021-01-03 23:20 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2021-05-13 17:46 - 2021-03-13 16:16 - 000444888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-13 17:45 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-13 17:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 17:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 13:24 - 2020-10-27 01:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 13:22 - 2020-10-27 01:35 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 13:21 - 2021-04-24 21:53 - 000000000 ____D C:\Program Files\dotnet
2021-05-13 13:09 - 2020-10-28 23:40 - 000000000 ____D C:\Program Files\Microsoft Office
2021-05-13 13:08 - 2020-10-26 23:02 - 000000076 _____ C:\WINDOWS\win.ini
2021-05-13 13:08 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-05-12 17:27 - 2021-04-18 18:50 - 000000000 ____D C:\Users\nacho\AppData\Roaming\trainerv
2021-05-11 21:02 - 2020-10-26 23:35 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-11 09:18 - 2021-04-08 14:15 - 002261136 _____ (AMD Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe

==================== Archivos en la raíz de algunos directorios ========

2021-04-06 19:19 - 2021-04-07 00:48 - 000012288 _____ () C:\Users\nacho\AppData\Roaming\emp.bin
2020-12-20 22:26 - 2021-04-30 21:40 - 000000016 _____ () C:\Users\nacho\AppData\Roaming\obs-virtualcam.txt
2021-04-13 14:52 - 2021-04-13 14:52 - 000000216 _____ () C:\Users\nacho\AppData\Roaming\Safer-Networking.log
2020-12-19 04:09 - 2020-12-19 04:09 - 000000000 ___SH () C:\Users\nacho\AppData\Local\LumaEmu
2020-12-18 20:51 - 2021-03-25 14:20 - 000015170 _____ () C:\Users\nacho\AppData\Local\oobelibMkey.log
2020-10-31 22:37 - 2020-10-31 23:21 - 000012496 _____ () C:\Users\nacho\AppData\Local\PlariumPlay.log
2020-10-27 21:51 - 2020-10-27 21:51 - 000000218 _____ () C:\Users\nacho\AppData\Local\recently-used.xbel
2020-11-03 23:57 - 2021-05-03 02:52 - 000007598 _____ () C:\Users\nacho\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)



safeboot: Minimal => El sistema está configurado para iniciarse en Modo Seguro <==== ATENCIÓN
==================== Final de FRST.txt ========================

MMI1 · 7 Junio, 2021 14:22

Te pase el addition.txt y el FRST.txt, ¿necesitas ver el de tweaking repair ?

ErdrickBass · 8 Junio, 2021 05:13

Hola nuevamente,

El reporte de Tweaking repair no es necesario.

Revisando tu reporte veo archivos de Spybot S&D aunque no parece que este instalado ¿Podrías confirmarme si deberías tener dicho programa actualmente?

Ya con esta información podría proceder a darte los próximos pasos.

Saludos

MMI1 · 8 Junio, 2021 12:50

tengo el ejecutable pero no lo tengo instalado

ErdrickBass · 8 Junio, 2021 13:24

Muy bien, entonces procedemos con lo demás:

Crea otra copia de seguridad del registro con Registry Backup.

Asegurate que en la pestaña Registry Backup este todo marcado.

En Backup Name puedes dejarlo por defecto o asignar algún nombre

Presiona el botón BackUp now

Deshabilita nuevamente tu antivirus: ¿Cómo deshabilitar temporalmente su Antivirus?

En el equipo, con los demás programas cerrados abra el notepad; puede abrirlo en la barra de búsqueda de windows y escribiendo notepad.exe

Posteriormente, copie y pegue este script de reparación dentro del Notepad comenzando en Start y terminando en End:

Start
CreateRestorePoint:
CloseProcesses:

S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S0 BootDefragDriver; System32\drivers\BootDefragDriver.sys [X]
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [21753376 2021-05-04] (Mail.Ru LLC -> LLC Mail.Ru)
S3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-06-07] (CPUID S.A.R.L.U. -> CPUID)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [20986200 2021-05-04] (Mail.Ru LLC -> LLC Mail.Ru)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
C:\WINDOWS\System32\DRIVERS\PSKMAD.sys 
C:\WINDOWS\System32\drivers\mracdrv1.sys
C:\WINDOWS\System32\mracsvc.exe
C:\WINDOWS\temp\cpuz150

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
EmptyTemp:
End

Vaya a Archivo y selecciona Guardar Como.
Guardelo bajo el nombre de fixlist.txt en el escritorio al igual que FRST. Esto es muy importante.

El anterior Script de reparación fue hecho específicamente por un miembro del Staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

Ejecute Frst.exe. y presione el botón Fix / Corregir
Espere pacientemente a que termine y no use el equipo. Al terminar el equipo podría reiniciarse
La Herramienta guardara el reporte en su escritorio (Fixlog.txt).

Descarga DrWeb Cureit:

Dr.Web CureIt! | InfoSpyware >> Manual de Uso

Ejecuta Drweb según su manual considerando lo siguiente::

Ejecuta un análisis personalizado con los parámetros que indica el manual
Asegurate de poner el reporte en mínimo como indica el manual
Curas, Mueves y Eliminas, lo que encuentre según te de la opción y con ese orden de preferencia.
Si te detecta el archivo Hosts puedes permitir que DrWeb lo restaure.
Al terminar, revisa el manual en la sección Informe de análisis obtener la parte del reporte que nos interesa.

Nos traerías:

El nuevo reporte de FixLog.
El extracto del reporte de Doctor Web.
Comentarios de cualquier cosa que notes.

Saludos

MMI1 · 8 Junio, 2021 14:17

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 06-06-2021
Ejecutado por nacho (08-06-2021 15:49:23) Run:2
Ejecutado desde C:\Users\nacho\Desktop
Perfiles cargados: nacho & perin
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
CreateRestorePoint:
CloseProcesses:

S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S0 BootDefragDriver; System32\drivers\BootDefragDriver.sys [X]
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [21753376 2021-05-04] (Mail.Ru LLC -> LLC Mail.Ru)
S3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-06-07] (CPUID S.A.R.L.U. -> CPUID)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [20986200 2021-05-04] (Mail.Ru LLC -> LLC Mail.Ru)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
C:\WINDOWS\System32\DRIVERS\PSKMAD.sys 
C:\WINDOWS\System32\drivers\mracdrv1.sys
C:\WINDOWS\System32\mracsvc.exe
C:\WINDOWS\temp\cpuz150

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
EmptyTemp:
End
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
HKLM\System\CurrentControlSet\Services\b06bdrv => eliminado correctamente
b06bdrv => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\BootDefragDriver => eliminado correctamente
BootDefragDriver => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\mracsvc => eliminado correctamente
mracsvc => servicio eliminado correctamente
cpuz150 => Servicio detenido correctamente.
HKLM\System\CurrentControlSet\Services\cpuz150 => eliminado correctamente
cpuz150 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\mracdrv => eliminado correctamente
mracdrv => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\PSKMAD => eliminado correctamente
PSKMAD => servicio eliminado correctamente
C:\WINDOWS\System32\DRIVERS\PSKMAD.sys => movido correctamente
C:\WINDOWS\System32\drivers\mracdrv1.sys => movido correctamente
C:\WINDOWS\System32\mracsvc.exe => movido correctamente
C:\WINDOWS\temp\cpuz150 => movido correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local 3 mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::453a:e615:2f2c:9944%19
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.48
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador desconocido Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador desconocido Conexi¢n de  rea local 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador desconocido Conexi¢n de  rea local 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19070874 B
Java, Flash, Steam htmlcache => 127797385 B
Windows/system/drivers => 260354 B
Edge => 0 B
Chrome => 0 B
Brave => 510791419 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 51752 B
NetworkService => 51752 B
nacho => 536987 B
perin => 536987 B

RecycleBin => 32948 B
EmptyTemp: => 638.4 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 15:51:00 ====

MMI1 · 8 Junio, 2021 15:49

Lo primero de todo es que Dr. Web curelt no me ha detectado ninguna amenaza, pero tuve problemas debido a que una vez termino el scan no he podido ver el reporte porque pone que el documento no responde. Aparte te quería comentar una cosa porque no se si es normal que durante el escaneo la CPU no baje del 50% y muy de vez en cuando suba y se mantenga por varios segundos en 100%

ErdrickBass · 9 Junio, 2021 04:18

Hola nuevamente,

Bueno si no detecto nada e hiciste el escaneo como se indico no habría problema.

Considerando los restos que eliminamos y basura que eliminamos si, pero debería estabilizarse. En caso contrario has clic en el administrador de tareas en la columna de CPU para que los acomode de mayor a menor en vez de por nombre. Ya así sería que nos ayudes viendo que es lo que tiene mayor consumo.

Ya estando más despejados te hago las siguientes observaciones totalmente opcionales:

Para desinstalar cualquier aplicación puedes usar RevoUninstaller

Los siguientes programas es común que se instalen como adicional con otros programas:

Wondershare Filmora9
Wondershare Helper Compact 2.6.0

Si no los conoces ni los usas recomendaría desinstalarlos

Tienes 2 versiones de Winrar para sistemas arquitecturas:

WinRAR 5.91 (64-bit)
WinRAR 6.00 (32-bit)

A no ser que tengas una razón para esto, recomendaría desinstalar la versión de 32 bits e instalar la ultima versión (de momento 6.01) para 64 bits. Preferentemente de su página oficial.

Tienes la versión de glary utilities 4.8 pero va por la 5.167. Posiblemente quieras desinstalar la que tienes y probar la nueva.

Según veo usas Supernatispyware y Spybot S&D. Estos programas hoy en día no son muy recomendados, así que a menos que notes algún aporte reciente recomendaría desinstalarlos.

Para escaneos y desinfecciones puedes usar Malwarebytes activando la versión free y a lo mucho un antivirus alternativo como ESET online, DrWeb o el escanner de Kaspersky
Para inmunización puedes optar por Spyware Blaster o simplemente usar la extensión de Malwarebytes.

Dejando estas recomendaciones atras, tomando en cuenta los síntomas que tenías al principio:

¿Aún tienes estos sintomas/problemas?
¿Hay alguna otra cosa rara que notes?

Nos respondes estas dudas y nos comentas sobre el administrador de tareas.

Saludos

MMI1 · 9 Junio, 2021 15:14

Una vez desinstalado estos programas ¿seria recomendable realizar un escaner del sistema ? también quería saber si dejar instalados los programas antimalware ?.

Aunque parezca mentira, he notado que cuando estoy con el pc y salgo de mi habitación, cuando vuelvo y justo me siento o paso delante del pc, los ventiladores se ponen al 65% y de verdad que parece que es una broma pero lo he comprobado salgo de mi habitación me quedo en la puerta pero es llegar al escritorio y empieza a sonar los ventiladores

también e notado que en la barra de tareas cuando le doy a a veces me aparece un logo que desaparece al instante, aunque me de un poco de vergüenza dado la poca seriedad de la imagen, pero no sabia como representarlo, no es exactamente así pero lo mismo te puede ayudar a saber lo que es logo

Gracias

MMI1 · 9 Junio, 2021 19:48

Otra duda, yo tengo el teclado de corsair k55 que tiene unas teclas programables nombradas de G1 hasta el G6, cuando le doy a G1 se me abre una ventana del navegador y se escriben un conjunto de letras, se me abre los ajustes de Windows y se abre libre office. lo curioso es que no e configurado las teclas desde que lo tengo. se puede tratar de un virus ? o malware?

ErdrickBass · 10 Junio, 2021 14:23

Hola nuevamente

Los comentarios anteriores no son un problema en si. Si no recomendaciones generales de programas. No es porque tenga algo de malo en si ninguno de los programas. Así que necesidad de algún escaneo adicional no hace falta.

Ahora leyendo lo que me comentas lo primero te diré es que no te sugestiones ni sobre-analices algunas cosas. Esto de la seguridad puede generar muchos temores (lo se por experiencia) pero al menos que seas algún gobierno, banco o alguna institución lo más complicado y malo que puede pasar es que encripten tus archivos. Eso adicional que muchos de los problemas más raros en windows no son causados por infecciones. Usualmente la causa es hardware, el SO y en ocaciones el mismo usuario.

No, las teclas programables no necesariamente estan desactivadas si no las programas. Ahora que si al hacer clic en una de estas te lleve a una página de publicidad seria otra cosa. No he oído que pase pero tendría cierta lógica fuese de infección.

Respecto a lo de la ventilación te recomiendo que dejes abierto el administrador de tareas. Y cuando veas que pase eso revises si en la pestaña de rendimiento hay algún pico en CPU o memoria.

Adicional realiza lo siguiente porfavor:

Descarga Speccy y ejecútalo:

Manual de Speccy

Toma una captura del sumario (panel derecho). Puedes usar la tecla de capturar o la herramienta de recortes de windows.

Saludos