Buenas a todos,
Desde hace unos dias se me ha infectado el pc con el virus de la doble tilde, he investigado y he realizado analisis tanto con Malwarebytes como con McAfee, me detectaron las amenazas y las eliminaron, pero el problema persiste.
Alguien que pueda ayudarme a eliminar este molesto malware? Muchas gracias de antemano
Hola @DanielG
Si, todavia no he conseguido solucionar el problema. Si cierro el proceso rundll32 se soluciona de forma momentanea, pero al final siempre vuelve a manifestarse.
Que puedo hacer?
Saludos
Hola @RadOdd
Realiza lo siguiente
Desactive temporalmente su antivirus. ¿Cómo deshabilitar temporalmente su Antivirus?
Por favor, descargue Farbar Recovery Scan Tool de acuerdo a su tipo de sistema y guárdelo en el Escritorio del sistema.
¿Cómo saber si mi Windows es de 32 o 64 bits?
¿Como Pegar Reportes en el Foro?
Saludos
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 19.03.2024
Ejecutado por jj_ru (administrador) sobre PCJESUS (ASUSTeK COMPUTER INC. Vivobook_ASUSLaptop M6500QC_M6500QC) (19-03-2024 15:04:21)
Ejecutado desde C:\Users\jj_ru\OneDrive\Escritorio\FRST64.exe
Perfiles cargados: jj_ru
Plataforma: Microsoft Windows 11 Home Versión 23H2 22631.3296 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.6.0_x64__qmba6cd70vzyy\ModuleDll\HWSettings\AsusOLEDShifter.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusOSD.exe
(C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtService.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtHost.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.310.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe <6>
(C:\Users\jj_ru\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\jj_ru\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.11.279.1\extnhost\mc-extn-browserhost.exe
(DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_ce09737aeee31fb0\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atieclxx.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemAnalysis\AsusSystemAnalysis.exe <2>
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Connect\Watchdog\EPWD.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_ce09737aeee31fb0\DAX3API.exe
(services.exe ->) (Focaltech Systems Co., Ltd. -> ) C:\Windows\System32\drivers\UMDF\focalFpSrvcDeamon.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.11.279.1\mc-fw-host.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_6748734245be2098\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c03b1d36a886656b\RtkAudUService64.exe <3>
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\jj_ru\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.11.279.1\neo\core\mc-neo-host.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxIdentityProvider_12.95.3001.0_x64__8wekyb3d8bbwe\XboxIdp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2402.1001.26.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2402.1001.26.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21850.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21850.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.310.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM-x32\...\Run: [Check Point VPN] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe [18160832 2021-10-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Ningún archivo)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\Installer\setup.exe [7130664 2024-03-17] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restricción <==== ATENCIÓN
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Run: [MicrosoftEdgeAutoLaunch_79754ACD234C1A43BE9E72B9A8756169] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\jj_ru\AppData\Local\Microsoft\Teams\Update.exe [2591600 2024-02-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Run: [GoogleChromeAutoLaunch_E66BC940028D5847782446B77A0FF1F1] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2772256 2024-03-12] (Google LLC -> Google LLC)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jj_ru\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Ningún archivo)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jj_ru\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Ningún archivo)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\RunOnce: [Uninstall 24.025.0204.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jj_ru\AppData\Local\Microsoft\OneDrive\24.025.0204.0003" [0 2024-03-15] () <==== ATENCIÓN [cero bytes Archivo/Carpeta]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.129\Installer\chrmstp.exe [2024-03-15] (Google LLC -> Google LLC)
GroupPolicy: Restricción - Windows Defender <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) =================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {B60AE9AF-B92A-4082-B479-95B2CA47E766} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {CB1B6D13-FF5D-426E-B7CB-06F10450B45E} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusHotkey.exe [311944 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {6467AB9C-2D98-4B80-A83F-E3B1A36FC769} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSoftwareManager\AsusUpdateChecker.exe [802440 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {6636B5F5-0C11-4B85-89C8-09CAB8BC9CEB} - System32\Tasks\ASUSProArtUpdateService-Logon => "C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtUpdateService.exe" -cupdate (Ningún archivo)
Task: {31D99C98-F1B9-47D7-B918-7A510FA3FE4E} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4789384 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {DF7FAA45-C8A5-49BC-B067-E3C2E9D60878} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5368904 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {CFC41644-9877-4C04-AAEB-35DFBAAFF956} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{FB497D2F-1587-4514-855A-AB4F5B2BBC09} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {563A5C37-BF89-4451-866D-41D8B53CAC6B} - System32\Tasks\McAfee OEM Subscription job => \\?\C:\Program Files\McAfee\WPS\SubscriptionJob\mc-oem-subjob.exe [2169512 2024-02-26] (McAfee, LLC -> McAfee, LLC)
Task: {C6A552B3-1E64-4907-8E69-B0B7D23F5C21} - System32\Tasks\McAfee\WPS\amwebapitriggertask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {05671243-F71C-4982-91EA-C57E2F063AFD} - System32\Tasks\McAfee\WPS\DAD.WPS.Execute.Updates => C:\Program Files\McAfee\WPS\1.11.279.1\dad\3.17.7\mc-dad.exe [2682016 2024-02-28] (McAfee, LLC -> McAfee, LLC)
Task: {4790AC27-3E79-470E-9FE0-6178BF8449F0} - System32\Tasks\McAfee\WPS\datupdatetask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {780F09C2-0821-4CB1-8F08-896237277B1A} - System32\Tasks\McAfee\WPS\McAfee Sustainability => C:\Program Files\McAfee\WPS\1.11.279.1\sustainability\mc-sustainability.exe [778816 2024-01-20] (McAfee, LLC -> McAfee, LLC)
Task: {14BA07D0-951F-46D6-B180-FC6A14DE9AC2} - System32\Tasks\McAfee\WPS\mcpcoscanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {25F5C8D3-9677-45F7-BD3D-ED77678FDCC4} - System32\Tasks\McAfee\WPS\NGMCadence => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {0CA3BFD9-5678-4C25-8BA4-61D190B9BBA8} - System32\Tasks\McAfee\WPS\odsscheduledtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {91C3C59A-8CC1-4DC2-B244-902D7ACB0CAC} - System32\Tasks\McAfee\WPS\systemrebootedtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {966F73A4-B0E5-48A0-8BB0-B5B597EFCDDA} - System32\Tasks\McAfee\WPS\Update => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\WPS\1.11.279.1\mc-update.exe [5075896 2024-01-20] (McAfee, LLC -> McAfee, LLC)
Task: {6B756DA9-0723-41E8-8805-BAD9182764F9} - System32\Tasks\McAfee\WPS\WPSPush => \\?\C:\Program Files\McAfee\WPS\1.11.279.1\mc-wns-client\mc-wns-client.exe [819400 2024-01-20] (McAfee, LLC -> )
Task: {1E7AF4E2-2C27-47D6-B805-720C9134DBEF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D651344-987D-498A-B6EF-6D5A67A3BBEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED3A261D-9AC1-4DA5-AD21-7AB265400EA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F71E55C9-0827-4948-8089-A328539F4A8B} - System32\Tasks\Microsoft\Windows\Bluetooth\Wgxwsm => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58856 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) -> "C:\Program Files (x86)\Common Files\DiagnosticFolder\PorysSuide\imejyzteogjnt.dll" /silent /unregister
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Ningún archivo)
Task: {D340250D-F62B-4665-B5D8-F4A3A3110F18} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-05] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6D1DC1C2-3A53-4EB5-AFE5-FD857AAC1E0A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4134028696-356119575-3157283003-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-05] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6D7BDD51-80C1-47DB-B319-45960E597016} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-03-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {3F21B85E-397C-4E0E-A54E-2F99BAE4DC66} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {76A846A9-BC6C-437D-86CE-0A6A9BF9CA90} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4D66824E-BD95-482F-8F17-9950939226D4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B0FA841F-AA62-4957-9999-A7D976658C96} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DAB2D15D-244D-4D1E-958E-11F723F21D2F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A11CFA23-0993-40BC-8249-156B07F137F1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F5D06D30-2602-4082-AF97-7DFBD8CFFA10} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E3BDE929-E003-4599-8CC3-937D9A23DED0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B4A9F2FD-9FB5-4384-8FAB-C866052E6D79} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A38BBAC0-64BD-4A8C-9FE9-60C0615F7BB3} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-4134028696-356119575-3157283003-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [65536 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {2FBF333A-35BE-4436-9F25-DA36CADF7389} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c03b1d36a886656b\RtkAudUService64.exe [1588088 2022-08-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\WINDOWS\Tasks\ASUSProArtUpdateService-Logon.job => C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 46.39.192.4 8.8.8.8
Tcpip\..\Interfaces\{253bae56-508f-4db7-bec3-2742a6a2b489}: [DhcpNameServer] 46.39.192.4 8.8.8.8
Tcpip\..\Interfaces\{253bae56-508f-4db7-bec3-2742a6a2b489}\34163716F54656F5A49657A696: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{253bae56-508f-4db7-bec3-2742a6a2b489}\34163716F54656F5A49657A696: [DhcpDomain] home
Tcpip\..\Interfaces\{253bae56-508f-4db7-bec3-2742a6a2b489}\D49475946494F5745547438254874792: [DhcpNameServer] 212.230.135.2 212.230.135.1
Tcpip\..\Interfaces\{253bae56-508f-4db7-bec3-2742a6a2b489}\D49475946494F5745547438254874792: [DhcpDomain] home
Tcpip\..\Interfaces\{83910a31-4f20-4bae-af66-8babe0357b5a}: [DhcpNameServer] 172.16.0.46 172.16.0.65
Tcpip\..\Interfaces\{a230d696-ea94-4d58-a2d0-3bca64a9b8ae}: [NameServer] 172.17.3.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\jj_ru\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-14]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\jj_ru\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
Edge Extension: (Edge relevant text changes) - C:\Users\jj_ru\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-31]
FireFox:
========
FF DefaultProfile: 65a108cr.default
FF ProfilePath: C:\Users\jj_ru\AppData\Roaming\Mozilla\Firefox\Profiles\65a108cr.default [2024-01-20]
FF ProfilePath: C:\Users\jj_ru\AppData\Roaming\Mozilla\Firefox\Profiles\8ncxq6f5.default-release [2024-03-09]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default [2024-03-19]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (Extensión de Surfshark VPN) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\ailoabdmgclmfmhdagmlohpjlbpffblp [2024-03-19]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-09]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2023-01-11]
CHR Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-02]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-03-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-02]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-14]
CHR Extension: (Excel Online) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2024-02-04]
CHR Extension: (Player para ver Movistar+) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2023-01-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-11]
CHR Profile: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-01-09]
CHR Profile: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-10-15]
CHR Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-19]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-13]
CHR Profile: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-03-18]
CHR Extension: (Llamadas de Skype) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2023-03-14]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-12]
CHR Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-04]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-04]
CHR Extension: (Night Time In New York City) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek [2023-03-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-14]
CHR Profile: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-4134028696-356119575-3157283003-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\AsusAppService\AsusAppService.exe [1177224 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusOptimization.exe [529552 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSProArtService; C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtService.exe [1594064 2022-03-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSoftwareManager\AsusSoftwareManager.exe [1369232 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSwitch\AsusSwitch.exe [641272 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4789384 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [845456 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_ce09737aeee31fb0\DAX3API.exe [2299944 2022-08-17] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 EPWD; C:\Program Files (x86)\CheckPoint\Endpoint Connect\Watchdog\EPWD.exe [510656 2021-07-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 focalFpSrvcDeamon; C:\WINDOWS\System32\drivers\UMDF\focalFpSrvcDeamon.exe [300032 2023-05-05] (Focaltech Systems Co., Ltd. -> )
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.11.279.1\mc-fw-host.exe [2310472 2024-01-20] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\WPS\1.11.279.1\mc-update.exe [5075896 2024-01-20] (McAfee, LLC -> McAfee, LLC)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [889400 2024-03-14] (McAfee, LLC -> McAfee, LLC)
R2 NativePushService; C:\Users\jj_ru\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [7897280 2021-10-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ASUSProArtUpdateService; "C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtUpdateService.exe" [X]
S2 AsusScreenXpertHostService; "C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertHostService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_6748734245be2098\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_6748734245be2098\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54792 2023-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\amdkmdag.sys [94637408 2023-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_93fc123351137141\AsusPTPFilter.sys [155568 2023-01-05] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemAnalysis\AsusSAIO.sys [49224 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusWmiAcpi.sys [48928 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2023-01-12] (Microsoft Corporation) [Archivo no firmado]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2023-07-26] (Disc Soft Ltd -> Disc Soft Ltd)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218592 2023-11-16] (Microsoft Windows -> Microsoft Corporation)
S0 mfeelam; C:\WINDOWS\System32\DRIVERS\mfeelam.sys [18400 2024-01-20] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\WINDOWS\System32\DRIVERS\mfesec.sys [82696 2024-01-20] (McAfee, LLC -> McAfee, LLC)
R3 MTKBTFilterX64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [296952 2023-02-23] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1420712 2023-03-01] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [253464 2023-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 rtucx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_a19e472f32bd1e8d\rtucx22x64.sys [1385296 2022-02-24] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [51192 2024-01-20] (OpenVPN Inc. -> The OpenVPN Project)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2023-11-16] (Microsoft Windows -> )
R3 vna_ap; C:\WINDOWS\system32\DRIVERS\vnaap.sys [165392 2017-08-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R1 vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [636800 2020-12-03] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2024-02-29] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2024-03-19 15:04 - 2024-03-19 15:04 - 000039345 _____ C:\Users\jj_ru\OneDrive\Escritorio\FRST.txt
2024-03-19 15:03 - 2024-03-19 15:03 - 000000000 ____D C:\Users\jj_ru\OneDrive\Escritorio\FRST-OlderVersion
2024-03-19 00:48 - 2024-03-19 00:48 - 000000000 ____D C:\Users\jj_ru\AppData\LocalLow\Interior Night Ltd
2024-03-18 21:03 - 2024-03-18 21:03 - 000000000 ____D C:\Users\jj_ru\OneDrive\Documentos\Zoom
2024-03-18 19:59 - 2024-03-18 19:59 - 000050010 _____ C:\Users\jj_ru\Downloads\Certificado titularidad.pdf
2024-03-18 19:58 - 2024-03-18 19:58 - 000031709 _____ C:\Users\jj_ru\Downloads\Borrador20240318195833.pdf
2024-03-18 19:57 - 2024-03-18 19:57 - 000031825 _____ C:\Users\jj_ru\Downloads\Borrador20240318195749.pdf
2024-03-15 16:21 - 2024-03-15 16:21 - 000175891 _____ C:\Users\jj_ru\Downloads\Certificado de residencia Odra Mercedes Saldaña Blanchart.pdf
2024-03-14 21:25 - 2024-03-14 21:25 - 010030427 _____ C:\Users\jj_ru\Downloads\presu.pdf
2024-03-14 21:18 - 2024-03-14 21:18 - 000175711 _____ C:\Users\jj_ru\Downloads\Certificado de residencia Juan Jesus Ruiz Molina.PDF
2024-03-14 20:14 - 2024-03-14 20:14 - 013757861 _____ C:\Users\jj_ru\Downloads\Dossier decoración Mys eventos.pdf
2024-03-14 05:03 - 2024-03-14 05:03 - 000807420 _____ C:\WINDOWS\system32\perfh00A.dat
2024-03-14 05:03 - 2024-03-14 05:03 - 000163076 _____ C:\WINDOWS\system32\perfc00A.dat
2024-03-13 23:22 - 2024-03-13 23:22 - 000135251 _____ C:\Users\jj_ru\Downloads\Booking #4093070679.pdf
2024-03-13 22:43 - 2024-03-13 22:43 - 000004163 _____ C:\Users\jj_ru\Downloads\Transferencia - Inés Molina Ozaez - Hospital La Inmaculada.pdf
2024-03-13 22:42 - 2024-03-13 22:42 - 000016277 _____ C:\Users\jj_ru\Downloads\13032024224258.pdf
2024-03-13 22:30 - 2024-03-13 22:30 - 000161566 _____ C:\Users\jj_ru\Downloads\CamScanner 13-03-2024 21.49.pdf
2024-03-13 22:30 - 2024-03-13 22:30 - 000058504 _____ C:\Users\jj_ru\Downloads\DOC-20240313-WA0001.(1).pdf
2024-03-13 22:30 - 2024-03-13 22:30 - 000058504 _____ C:\Users\jj_ru\Downloads\DOC-20240313-WA0001.(1) (1).pdf
2024-03-13 20:32 - 2024-03-13 20:32 - 000167634 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4718.pdf
2024-03-13 20:27 - 2024-03-13 20:27 - 000167668 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4717.pdf
2024-03-13 20:20 - 2024-03-13 20:20 - 000166525 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4716.pdf
2024-03-07 16:08 - 2024-03-07 16:08 - 000171589 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4335.pdf
2024-03-07 15:27 - 2024-03-19 14:56 - 000004088 _____ C:\WINDOWS\system32\Tasks\McAfee OEM Subscription job
2024-03-07 15:23 - 2024-03-07 15:25 - 000000000 ____D C:\WINDOWS\Minidump
2024-03-06 23:27 - 2024-03-19 15:04 - 000000000 ____D C:\FRST
2024-03-06 23:20 - 2024-03-19 15:03 - 002390528 _____ (Farbar) C:\Users\jj_ru\OneDrive\Escritorio\FRST64.exe
2024-03-06 22:54 - 2024-03-06 22:54 - 000005655 _____ C:\Users\jj_ru\OneDrive\Escritorio\Malwarebytes Informe de análisis 2024-03-05 211234.txt
2024-03-05 23:19 - 2024-03-05 23:24 - 000000073 _____ C:\Bug_TKill.txt
2024-03-05 23:19 - 2024-03-05 23:24 - 000000000 ____D C:\DTRToll
2024-03-05 22:56 - 2024-03-05 22:56 - 000020023 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-05 22:55 - 2024-03-05 22:55 - 000020023 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-05 22:33 - 2024-03-05 23:24 - 001476458 _____ C:\WINDOWS\ntbtlog.txt
2024-03-05 22:33 - 2024-03-05 23:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-03-05 22:24 - 2024-03-05 22:24 - 000000000 ____D C:\Users\jj_ru\OneDrive\Escritorio\Nueva carpeta
2024-03-05 22:11 - 2024-03-05 22:11 - 002585496 _____ (Malwarebytes) C:\Users\jj_ru\Downloads\MBSetup.exe
2024-03-05 22:08 - 2024-03-05 22:08 - 000165830 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4163.pdf
2024-03-05 21:57 - 2024-03-05 22:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-03-05 20:54 - 2024-03-05 20:54 - 000106269 _____ C:\Users\jj_ru\Downloads\Tasa Padron - Odra Saldaña.pdf
2024-03-05 20:54 - 2024-03-05 20:54 - 000106269 _____ C:\Users\jj_ru\Downloads\Tasa Padron - .pdf
2024-03-05 20:51 - 2024-03-05 20:51 - 000170230 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4162.pdf
2024-03-05 20:42 - 2024-03-05 20:42 - 000105639 _____ C:\Users\jj_ru\Downloads\Tasa Padron - J. Jesus Ruiz.pdf
2024-03-05 19:53 - 2024-03-05 19:53 - 000210975 _____ C:\Users\jj_ru\OneDrive\Documentos\Certificado de empadronamiento. Barcelona Jesus.pdf
2024-03-05 19:48 - 2024-03-05 19:48 - 000139001 _____ C:\Users\jj_ru\Downloads\AjtBcn_CertResi_2024-03-05.pdf
2024-03-05 19:48 - 2024-03-05 19:48 - 000139001 _____ C:\Users\jj_ru\Downloads\AjtBcn_CertResi_2024-03-05 (1).pdf
2024-03-05 18:51 - 2024-03-05 18:51 - 000087946 _____ C:\Users\jj_ru\Downloads\Justificante de Presentación REG.pdf
2024-03-05 18:42 - 2024-03-05 18:42 - 000535215 _____ C:\Users\jj_ru\OneDrive\Escritorio\SOLICITUD DUPLICADO.pdf
2024-03-05 18:41 - 2024-03-05 18:43 - 000210068 _____ C:\Users\jj_ru\Downloads\Mod.03-ES.pdf
2024-03-05 18:40 - 2024-03-05 18:40 - 000186008 _____ C:\Users\jj_ru\OneDrive\Escritorio\SOLICITUD DE DUPLICADO.html
2024-03-05 18:40 - 2024-03-05 18:40 - 000000000 ____D C:\Users\jj_ru\OneDrive\Escritorio\SOLICITUD DE DUPLICADO_files
2024-03-05 18:36 - 2024-03-05 18:36 - 000398671 _____ C:\Users\jj_ru\OneDrive\Escritorio\Mod.03-ES.pdf
2024-03-04 19:47 - 2024-03-04 19:47 - 000452465 _____ C:\Users\jj_ru\Downloads\LAYER CAKE bodas.pdf
2024-03-04 19:46 - 2024-03-04 19:46 - 002784164 _____ C:\Users\jj_ru\Downloads\Catalogo Tartas Comuniones 2023.pdf
2024-03-04 16:16 - 2024-03-04 16:16 - 000288139 _____ C:\Users\jj_ru\Downloads\Certificado de Concordancia.pdf
2024-03-04 16:16 - 2024-03-04 16:16 - 000288139 _____ C:\Users\jj_ru\Downloads\Certificado de Concordancia (1).pdf
2024-03-04 11:49 - 2024-03-04 11:49 - 002344202 _____ C:\Users\jj_ru\Downloads\TA-1.pdf
2024-03-04 11:49 - 2024-03-04 11:49 - 002344202 _____ C:\Users\jj_ru\Downloads\TA-1 (1).pdf
2024-03-04 11:49 - 2024-03-04 11:49 - 000925451 _____ C:\Users\jj_ru\OneDrive\Escritorio\TA-1 FIRMADO.pdf
2024-03-04 11:45 - 2024-03-04 11:45 - 001130840 _____ C:\Users\jj_ru\OneDrive\Escritorio\TA-1.pdf
2024-03-04 11:21 - 2024-03-04 11:21 - 000332433 _____ C:\Users\jj_ru\Downloads\DNI parte delantera.jpeg
2024-03-04 11:21 - 2024-03-04 11:21 - 000313760 _____ C:\Users\jj_ru\Downloads\DNI parte trasera.jpeg
2024-03-03 14:15 - 2024-03-03 14:15 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2024-03-03 14:15 - 2024-03-03 14:15 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-03-03 14:15 - 2024-03-03 14:15 - 000000000 ____D C:\Program Files\MSBuild
2024-03-03 14:15 - 2024-03-03 14:15 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-03-03 14:15 - 2024-03-03 14:15 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-03-03 13:50 - 2024-03-03 13:50 - 000000000 ____D C:\ProgramData\Propagation
2024-03-03 13:50 - 2024-03-03 13:50 - 000000000 ____D C:\ProgramData\AMD
2024-03-03 13:44 - 2024-03-03 13:45 - 000000000 ____D C:\Users\jj_ru\OneDrive\Documentos\GuardFox
2024-03-03 13:44 - 2024-03-03 13:45 - 000000000 ____D C:\Users\jj_ru\AppData\Local\Msg to Pst
2024-03-03 13:44 - 2024-03-03 13:44 - 000000282 _____ C:\ProgramData\ntuser.pol
2024-03-03 12:25 - 2024-03-03 12:25 - 000007174 _____ C:\Users\jj_ru\AppData\Local\9655527093
2024-02-27 23:24 - 2024-02-27 23:24 - 000342160 _____ C:\Users\jj_ru\Downloads\ticket alsa.pdf
2024-02-24 23:04 - 2024-02-24 23:04 - 000657538 _____ C:\Users\jj_ru\Downloads\TLUZ62-yGS9mJgw.pdf
2024-02-23 23:54 - 2024-02-23 23:54 - 000502423 _____ C:\Users\jj_ru\Downloads\JHNKSKMM-rhRoUCnC.pdf
2024-02-23 20:19 - 2024-02-23 20:19 - 110022853 _____ C:\Users\jj_ru\Downloads\Mpc detalles 24 (1).pdf
2024-02-23 19:51 - 2024-02-23 19:51 - 110022853 _____ C:\Users\jj_ru\Downloads\Mpc detalles 24.pdf
2024-02-21 21:28 - 2024-02-21 21:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-02-18 23:26 - 2024-02-18 23:26 - 000000165 ____H C:\Users\jj_ru\OneDrive\Escritorio\~$Boda - Lugares.xlsx
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2024-03-19 15:03 - 2023-01-12 20:09 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2024-03-19 14:58 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-19 14:58 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-03-19 14:56 - 2023-01-12 20:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-19 14:56 - 2022-10-08 11:03 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-19 14:56 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-19 14:56 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-19 14:56 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-19 00:49 - 2023-01-11 00:06 - 000000000 ____D C:\Users\jj_ru\AppData\Local\D3DSCache
2024-03-18 23:40 - 2023-01-11 00:06 - 000000000 ____D C:\Users\jj_ru\AppData\Local\Packages
2024-03-18 23:40 - 2021-10-06 22:10 - 000000000 ____D C:\ProgramData\Packages
2024-03-18 23:39 - 2023-01-11 20:13 - 000000000 ____D C:\XboxGames
2024-03-18 21:26 - 2023-01-12 21:11 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\Microsoft\Word
2024-03-18 05:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-17 08:11 - 2023-05-30 17:36 - 000002370 ____H C:\Users\jj_ru\OneDrive\Documentos\Default.rdp
2024-03-17 07:47 - 2023-01-12 19:53 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-03-17 07:45 - 2021-10-06 22:08 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-15 16:23 - 2024-02-16 18:28 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-03-15 16:23 - 2023-01-11 20:13 - 002709096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-03-15 16:23 - 2023-01-11 20:13 - 000706152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-03-15 16:23 - 2023-01-11 20:13 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-03-15 16:23 - 2023-01-11 20:13 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-03-15 16:23 - 2023-01-11 20:13 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-03-15 16:23 - 2023-01-11 20:13 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-03-15 16:23 - 2023-01-11 20:13 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-03-15 16:22 - 2023-01-11 00:17 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-15 16:21 - 2023-01-12 20:09 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4134028696-356119575-3157283003-1001
2024-03-15 16:21 - 2023-01-12 20:09 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4134028696-356119575-3157283003-1001
2024-03-15 16:21 - 2023-01-11 00:08 - 000002415 _____ C:\Users\jj_ru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-14 05:13 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-14 05:03 - 2023-01-12 20:10 - 001807552 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-14 04:58 - 2023-06-10 14:11 - 000012288 _____ C:\WINDOWS\system32\Drivers\vsparam.reg
2024-03-14 04:58 - 2023-06-10 14:11 - 000008192 _____ C:\WINDOWS\system32\Drivers\vsflt.reg
2024-03-14 04:58 - 2023-05-30 16:43 - 000012288 _____ C:\WINDOWS\system32\Drivers\vsndis.reg
2024-03-14 04:58 - 2023-01-12 20:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-14 04:58 - 2023-01-12 20:02 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-03-14 04:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-14 04:58 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-03-14 04:58 - 2021-10-06 22:08 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-14 04:57 - 2023-10-13 03:01 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-03-14 04:57 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-14 04:57 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-14 04:57 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-14 04:57 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-03-13 21:03 - 2023-01-13 07:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 20:58 - 2023-01-13 07:17 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-13 20:57 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-13 20:55 - 2023-01-12 20:07 - 003213824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-13 20:23 - 2023-01-16 16:34 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\com.adobe.dunamis
2024-03-13 20:12 - 2023-01-16 16:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-13 20:12 - 2023-01-16 16:34 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-09 17:46 - 2023-01-11 01:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-08 00:14 - 2023-01-13 09:03 - 000000000 ____D C:\Users\jj_ru\AppData\Local\CrashDumps
2024-03-07 15:54 - 2023-01-12 20:04 - 000000000 ____D C:\Users\jj_ru
2024-03-07 15:25 - 2022-10-08 10:47 - 001351789 ____N C:\WINDOWS\Minidump\030724-13296-01.dmp
2024-03-07 15:23 - 2022-10-08 10:47 - 001985440 ____N C:\WINDOWS\Minidump\030724-14250-01.dmp
2024-03-05 23:01 - 2023-01-12 20:02 - 000505864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-05 23:00 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-05 23:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-05 23:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-05 23:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-05 23:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-05 22:41 - 2023-09-03 13:54 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2024-03-05 22:41 - 2023-09-03 13:27 - 000000000 ____D C:\Users\jj_ru\OneDrive\Escritorio\Partidos
2024-03-05 22:30 - 2023-01-11 01:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-03-05 22:14 - 2023-11-16 07:44 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\uTorrent Web
2024-03-05 21:59 - 2023-01-11 01:00 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-03-05 21:56 - 2023-01-12 20:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-03-05 21:39 - 2023-03-03 09:46 - 000000000 ____D C:\Program Files\Electronic Arts
2024-03-05 21:39 - 2022-10-08 11:03 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-05 21:33 - 2023-09-07 09:42 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\Microsoft\Teams
2024-03-05 02:39 - 2023-01-12 20:09 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-05 02:39 - 2023-01-12 20:09 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-04 19:52 - 2023-04-01 14:18 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\Microsoft\Excel
2024-03-03 16:26 - 2023-02-08 10:05 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\paradox-launcher-v2
2024-03-03 14:16 - 2023-03-03 12:00 - 000000000 ____D C:\Users\jj_ru\OneDrive\Documentos\Electronic Arts
2024-03-03 14:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2024-03-03 14:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\MUI
2024-03-03 13:58 - 2023-03-03 09:53 - 000447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2024-03-03 13:55 - 2023-01-11 00:07 - 000000000 ____D C:\Users\jj_ru\AppData\Local\AMD
2024-03-03 13:44 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-03-03 12:35 - 2024-02-16 18:28 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll.0
2024-02-24 01:57 - 2024-02-14 19:49 - 000009477 _____ C:\Users\jj_ru\OneDrive\Escritorio\GASTOS BODA.xlsx
2024-02-23 21:34 - 2022-10-08 10:47 - 000000000 ____D C:\ProgramData\ASUS
2024-02-21 21:28 - 2023-01-11 00:17 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-18 20:59 - 2023-06-19 10:42 - 000000000 ____D C:\Users\jj_ru\OneDrive\Documentos\Curriculum
==================== Archivos en la raíz de algunos directorios ========
2024-01-06 00:29 - 2024-01-06 00:29 - 000007174 _____ () C:\Users\jj_ru\AppData\Local\91199005730
2023-03-02 17:38 - 2023-03-02 17:38 - 000004462 _____ () C:\Users\jj_ru\AppData\Local\92207940821
2023-03-29 19:50 - 2023-03-29 19:50 - 000004478 _____ () C:\Users\jj_ru\AppData\Local\9253024401
2023-05-10 11:16 - 2023-10-31 14:37 - 000004478 _____ () C:\Users\jj_ru\AppData\Local\937504910
2023-03-08 08:24 - 2023-03-17 23:16 - 000004462 _____ () C:\Users\jj_ru\AppData\Local\9503667337
2024-03-03 12:25 - 2024-03-03 12:25 - 000007174 _____ () C:\Users\jj_ru\AppData\Local\9655527093
2023-11-16 07:59 - 2023-11-16 07:59 - 000007198 _____ () C:\Users\jj_ru\AppData\Local\9896470859
2023-02-09 17:11 - 2023-02-09 17:11 - 000004622 _____ () C:\Users\jj_ru\AppData\Local\9943258716
2023-01-11 01:04 - 2023-02-23 09:33 - 000535040 _____ (Dirección General de la Policía) C:\Users\jj_ru\AppData\Local\DNIeService.exe
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 19.03.2024
Ejecutado por jj_ru (19-03-2024 15:05:01)
Ejecutado desde C:\Users\jj_ru\OneDrive\Escritorio
Microsoft Windows 11 Home Versión 23H2 22631.3296 (X64) (2023-01-12 19:12:20)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Administrador (S-1-5-21-4134028696-356119575-3157283003-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4134028696-356119575-3157283003-503 - Limited - Disabled)
Invitado (S-1-5-21-4134028696-356119575-3157283003-501 - Limited - Disabled)
jj_ru (S-1-5-21-4134028696-356119575-3157283003-1001 - Administrator - Enabled) => C:\Users\jj_ru
WDAGUtilityAccount (S-1-5-21-4134028696-356119575-3157283003-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: McAfee (Enabled - Up to date) {17E6E93C-6841-5FC7-DEB8-480FDC929279}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee (Enabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 24.001.20604 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AutoFirma (HKLM\...\AutoFirma) (Version: 1.7.2 - Gobierno de España)
Blackmagic RAW Common Components (HKLM\...\{5EC3B537-067B-4012-9CB5-4AD928959ED3}) (Version: 3.6 - Blackmagic Design)
Check Point VPN (HKLM-x32\...\{107558F6-7694-4772-BB55-9C8FCA87A8B8}) (Version: 98.61.3510 - Check Point Software Technologies Ltd.)
Configurador FNMT (HKLM-x32\...\ConfiguradorFnmt) (Version: 3.0.1 - FNMT-RCM)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{C6E9E296-C17F-4C61-8BB1-8E2DBA01EEFD}) (Version: 18.6.40006 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{D1ACF467-9FB4-45DA-942F-A19452E70A3F}) (Version: 2.0.7.0 - Blackmagic Design)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.15 - Blackmagic Design)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.129 - Google LLC)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instalable DNIe (HKLM\...\{B7F1288A-FA68-41CA-84AB-B5AB138B2130}) (Version: 15.0.1 - Cuerpo Nacional de Policía) Hidden
Instalador Tarjetas DNIe (HKLM-x32\...\{DD4C4229-4CF0-4C65-90B5-950AF7A67C97}) (Version: 1.1.0 - Cuerpo Nacional de Policía)
McAfee (HKLM\...\McAfee.WPS) (Version: 1.11.279.1 - McAfee, LLC)
Microsoft Access MUI (Spanish) 2016 (HKLM\...\{90160000-0015-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Spanish) 2016 (HKLM\...\{90160000-0090-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Excel MUI (Spanish) 2016 (HKLM\...\{90160000-0016-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Groove MUI (Spanish) 2016 (HKLM\...\{90160000-00BA-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2016 (HKLM\...\{90160000-0044-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2016 (HKLM\...\{90160000-00E1-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2016 (HKLM\...\{90160000-00E2-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (Spanish) 2016 (HKLM\...\{90160000-002C-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Spanish) 2016 (HKLM\...\{90160000-00C1-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2016 (HKLM\...\{90160000-006E-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2016 - Euskara (HKLM\...\{90160000-001F-042D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\OneDriveSetup.exe) (Version: 24.040.0225.0003 - Microsoft Corporation)
Microsoft OneNote MUI (Spanish) 2016 (HKLM\...\{90160000-00A1-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2016 (HKLM\...\{90160000-001A-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2016 (HKLM\...\{90160000-0018-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Spanish) 2016 (HKLM\...\{90160000-0019-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (Spanish) 2016 (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Teams classic (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Teams) (Version: 1.7.00.1864 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Word MUI (Spanish) 2016 (HKLM\...\{90160000-001B-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 123.0.1 (x64 es-ES)) (Version: 123.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 108.0.2 - Mozilla)
Msg to Pst 1.19 (HKLM-x32\...\Msg to Pst_is1) (Version: 1.19 - )
NVIDIA Broadcast 1.3.0.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.3.0.55 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 528.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.97 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
ProArt Creator Hub Service (HKLM\...\{77CD8075-733B-4F22-9A19-61041EACFADA}) (Version: 2.0.16.0 - ASUSTeK COMPUTER INC.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Telegram Desktop (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.9.9 - Telegram FZ-LLC)
uTorrent Web (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\utweb) (Version: 1.4.0 - Rainberry, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.871 - McAfee, LLC)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wondershare Filmora 12(Build 12.3.7.2586) (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Wondershare Filmora 12_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Wondershare NativePush_is1) (Version: - )
Zoom (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\ZoomUMX) (Version: 5.17.7 (31859) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-13] ()
Adobe Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeCreativeCloudExpress_2.1.1.0_neutral__ynb6jyjzte8ga [2024-03-14] (Adobe Inc.)
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m [2024-02-07] (Advanced Micro Devices Inc.) [Startup Task]
As Dusk Falls -> C:\Program Files\WindowsApps\Microsoft.3020BF20E956_1.22.9949.0_x64__8wekyb3d8bbwe [2024-03-18] (Microsoft Studios)
B9ECED6F.ScreenPadMaster -> C:\Program Files\WindowsApps\B9ECED6F.ScreenPadMaster_3.1.26.0_x64__qmba6cd70vzyy [2024-02-29] (ASUSTeK COMPUTER INC.)
Commandos 3 - HD Remaster -> C:\Program Files\WindowsApps\KalypsoMediaGroup.Commandos3-HDRemasterWin_1.17.0.0_x64__e60j8nnj33ga6 [2023-02-19] (Kalypso Media Group)
Crusader Kings III -> C:\Program Files\WindowsApps\ParadoxInteractive.ProjectTitus_1.0.608.0_x64__zfnrdv2de78ny [2024-03-07] (Paradox Interactive)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-02-26] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.3368.0_x64__rz1tebttyb220 [2024-02-26] (Dolby Laboratories)
Football Manager 2024 -> C:\Program Files\WindowsApps\SportsInteractive.FootballManager2024_0.9.392.0_x64__5w3tn6tb6stnm [2024-02-29] (Sports Interactive)
Football Manager 2024 Editor -> C:\Program Files\WindowsApps\SportsInteractive.FootballManager2024Editor_0.9.35.2_x64__5w3tn6tb6stnm [2024-02-29] (Sports Interactive)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.23.0_neutral__8xx8rvfyw5nnt [2024-03-14] (Instagram)
McAfee® Security -> C:\Program Files\McAfee\WPS\1.11.279.1 [2024-01-20] ()
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-14] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-05] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24012.117.0_x64__cw5n1h2txyewy [2024-03-17] (Microsoft Windows) [Startup Task]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.6.0_x64__qmba6cd70vzyy [2024-02-06] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.)
ProArt Creator Hub -> C:\Program Files\WindowsApps\B9ECED6F.ProArtCreatorCenter_2.1.6.0_x64__qmba6cd70vzyy [2023-12-24] (ASUSTeK COMPUTER INC.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2023-01-14] (Realtek Semiconductor Corp)
Return to Monkey Island -> C:\Program Files\WindowsApps\DevolverDigital.ReturntoMonkeyIslandXBSeriesXS_1.1.1.0_x64__6kzv4j18v0c96 [2023-02-11] (Devolver Digital)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.128.3914.0_x64__8wekyb3d8bbwe [2024-03-15] (Microsoft Studios)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0 [2024-03-17] (Spotify AB) [Startup Task]
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2024-03-14] (Bytedance Pte. Ltd.)
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-02-05] (Microsoft Corp.)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.70.1338.0_x64__8wekyb3d8bbwe [2024-03-14] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.70.1338.0_x64__8wekyb3d8bbwe [2024-03-17] (Microsoft Corp.)
Windows App Runtime DDLM 4000.1082.2259.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x6_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-02-05] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x8_4000.1082.2259.0_x86__8wekyb3d8bbwe [2024-02-05] (Microsoft Corporation)
Windows App Runtime DDLM 5001.58.448.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.5001.58.448.0-x6_5001.58.448.0_x64__8wekyb3d8bbwe [2024-03-05] (Microsoft Corporation)
Windows App Runtime DDLM 5001.58.448.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.5001.58.448.0-x8_5001.58.448.0_x86__8wekyb3d8bbwe [2024-03-05] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-05] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-01-11] (win.rar GmbH)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\jj_ru\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\jj_ru\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23334.11\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{92a10339-c580-dfd8-94c3-030311ba18f4}\localserver32 -> C:\ProgramData\ASUS\AsusSurvey\AsusSurvey.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\jj_ru\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.11.279.1\mc-ctxmnu.dll [2024-01-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Ningún archivo
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_6748734245be2098\nvshext.dll [2023-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.11.279.1\mc-ctxmnu.dll [2024-01-20] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2024-03-03] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2024-03-03] (Electronic Arts -> On2.com)
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\jj_ru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\jj_ru\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Odra - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
==================== Módulos cargados (Lista blanca) =============
2021-10-20 18:14 - 2021-10-20 18:14 - 002048000 _____ () [Archivo no firmado] C:\Program Files (x86)\CheckPoint\Endpoint Connect\xerces-c_3_2.dll
2021-04-11 15:44 - 2021-04-11 15:44 - 000402944 _____ (Codalogic Ltd) [Archivo no firmado] C:\Program Files (x86)\CheckPoint\Endpoint Connect\Watchdog\lmx-MD-vs2017x86.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mc-fw-host => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2021-06-05 13:08 - 2024-03-01 07:27 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jj_ru\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 46.39.192.4 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_79754ACD234C1A43BE9E72B9A8756169"
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{316FBCED-D681-4BAC-ACF2-DC7A52CD5C7F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FC0017C4-BED3-4BEB-8642-0D220BF5C48F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E77804E-9858-48A2-A2FC-3F6259ACBEE3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FAB2A0EF-D81E-42D6-8432-13EB53B34615}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4B96C1D0-95D4-4D1B-A575-94A145B213BB}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E18D444C-AF65-4902-B981-DFB1D492F94A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2435F946-D6BC-473E-9166-47B2CC2398CE}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC558813-A872-4484-93FF-F16D9C0030CE}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D034DEA-6249-48D8-8354-F75968000B84}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Ningún archivo
FirewallRules: [{A8355DA3-485B-4920-8DFD-F28C6DC530D0}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Ningún archivo
FirewallRules: [{FCA560F8-EB3E-4AC3-9016-42D725B5F4BE}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Ningún archivo
FirewallRules: [{360B401A-09C3-4F5E-A86E-D2B363ADB9CB}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => Ningún archivo
FirewallRules: [TCP Query User{23C6E99B-18F5-4718-8513-D90D33C89666}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{E7BCA287-6BA8-436D-B7ED-1C44FAFC7AD9}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{1B3CF6DB-B986-49ED-9D69-79E7451DDF32}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
FirewallRules: [{14D8D019-297F-4620-BA82-F2EF85CD7EFE}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
FirewallRules: [TCP Query User{E18D8CC7-9414-4BCE-883D-0704EBE4C613}C:\program files\ea games\fifa 23\fifa23.exe] => (Allow) C:\program files\ea games\fifa 23\fifa23.exe => Ningún archivo
FirewallRules: [UDP Query User{BD836AC7-1F00-4A55-A7DC-78E1951C0E72}C:\program files\ea games\fifa 23\fifa23.exe] => (Allow) C:\program files\ea games\fifa 23\fifa23.exe => Ningún archivo
FirewallRules: [{FE72C398-A5C5-446B-992A-E80A1B761CED}] => (Allow) C:\Users\jj_ru\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{4479A959-F6BD-4DCA-AE22-75FFB3170E44}C:\users\jj_ru\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jj_ru\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{754769FC-CA56-48B9-A3CF-301D6F08D5DB}C:\users\jj_ru\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jj_ru\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13A3935A-3DF8-4369-9ED4-49985084A140}] => (Allow) C:\Users\jj_ru\AppData\Roaming\uTorrent Web\utweb.exe => Ningún archivo
FirewallRules: [{18AC80E6-8069-469A-B3EF-C3D6FF2304FA}] => (Allow) C:\Users\jj_ru\AppData\Roaming\uTorrent Web\utweb.exe => Ningún archivo
FirewallRules: [{02E9570C-C1A0-4F54-99B9-8DBF8529BBCE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0B66E835-F168-4CFF-807F-4F9145EFD743}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{76C0B5D4-0F9A-42BF-A4AC-7B991BC287CE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{3A894E34-8D07-4BFF-BA7B-D8192F2F8D07}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{0868E5F0-B4AD-487A-88D6-72721B320C5A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{FFBC6BDE-95EB-4061-8C54-D51AF9F25836}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{FA6D6EE5-9675-45BC-81AE-6D263B7449EE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Ningún archivo
FirewallRules: [{9C8FBE9E-A097-46C9-B647-F87BEE371DF9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{09AECAE8-CE9C-4E82-ADD9-708595387FAA}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemoteAgent.exe => Ningún archivo
FirewallRules: [{17FAC201-35C2-4A6D-A930-FBE0E5C6D00D}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemoteAgent.exe => Ningún archivo
FirewallRules: [{6C9FB5E3-7E34-49B5-A188-A2138765C8C7}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.6.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{4DC55C3D-53D8-4C5F-83B6-9EC9899E001C}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.6.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{F3C1BB0E-1357-4F89-A908-6ED8036286FA}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.6.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{90FF1F10-2BB1-4E34-86EC-50DDD451215D}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.6.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{97BE8884-1CE1-4771-996C-15AF56680D2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7345E9B6-4B49-4E3E-8EE7-95F68A81B1C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9B19CC01-7324-4F5D-B095-F38A2F0C0A24}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4E2FBEF9-48ED-4658-93F4-D7004B65B16F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B579BB18-4663-4DB2-A1DF-4254E042A3EB}] => (Allow) C:\Users\jj_ru\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{303BF069-B86F-4E0C-8EF5-389D5B1644E6}] => (Allow) C:\Users\jj_ru\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo
FirewallRules: [{9F4CAA92-3A1D-4875-8B61-9235B37117B6}] => (Allow) C:\Users\jj_ru\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo
FirewallRules: [{567B2CF8-3C62-4CC0-8602-F6EA635550D7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1005.2701.7380_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9AF42359-1F31-46BF-9244-61EBB539BEE7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1005.2701.7380_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6AE1EFC6-4985-43FA-9DFA-13FE60B0C20D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe => Ningún archivo
FirewallRules: [{454A0664-FF5C-4442-8663-CD3BA3C93709}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe => Ningún archivo
FirewallRules: [{8885B625-B0EA-4AA5-8FAE-18A338821A84}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => Ningún archivo
FirewallRules: [{0BF2FFC5-D4E6-4F63-B132-5BDBC24348EC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => Ningún archivo
FirewallRules: [{6E5A6F2F-2A00-4720-B198-B4524C98918D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => Ningún archivo
FirewallRules: [{9D93B19D-8B4A-4B86-AB1C-162E83018F62}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => Ningún archivo
FirewallRules: [{DDD81C57-4618-4B4B-8CEF-C11FFC71DE73}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => Ningún archivo
FirewallRules: [{EBEB1BA4-C405-4828-A47D-C742880C12C7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => Ningún archivo
FirewallRules: [{354AD176-E9E4-4D4C-8C70-90F3CDA7628C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => Ningún archivo
FirewallRules: [{4688EE21-6CB9-434C-A1F3-7A574EF2E31B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => Ningún archivo
FirewallRules: [{F8BDB30E-D2BD-4C16-AE63-DF111EEB3C9C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe => Ningún archivo
FirewallRules: [{940B480A-C4AE-4990-B9A8-3215F51D2135}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38982C30-9311-4B3B-A673-BA55391E23E2}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{DBF54E05-9067-4DEB-805C-F35637212DFA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B5E78874-83B3-4E76-BA8E-245F075072A4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{674A458F-5885-4AA7-9F0A-2C6147C943C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{63AB7AF2-320A-4495-81DB-237A4A1D37DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{25347792-75F4-4230-AA67-56049CE27DC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{78D9F932-6288-4A89-AC06-D90ABAB9C616}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8E4FF94C-16B8-4E88-948A-970B01C7EAA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FE501E67-419D-4DE1-8762-022A881BB073}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3226ECC1-61DC-47F3-8A99-D99D473C5AFB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{35BDB183-6362-44BD-B8DC-117397BFA712}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8CBA1F6B-1047-4A84-8E05-9F2F3D30284D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{479A1B84-0217-4495-B70E-E513DD2E836D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1039.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{669897E2-08DE-4947-B55B-83A0AF1C5C6F}C:\xboxgames\as dusk falls\content\dusk.exe] => (Allow) C:\xboxgames\as dusk falls\content\dusk.exe (Acceso Denegado) [Archivo no firmado]
FirewallRules: [UDP Query User{9683179C-9113-4606-9FB3-D0B37AF8334F}C:\xboxgames\as dusk falls\content\dusk.exe] => (Allow) C:\xboxgames\as dusk falls\content\dusk.exe (Acceso Denegado) [Archivo no firmado]
==================== Puntos de Restauración =========================
07-03-2024 20:06:21 Punto de control programado
12-03-2024 18:41:51 Windows Update
17-03-2024 08:12:29 Windows Update
17-03-2024 08:12:31 Windows Update
17-03-2024 08:12:34 Windows Update
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: DAEMON Tools Lite Virtual SCSI Bus
Description: DAEMON Tools Lite Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtlitescsibus
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (03/19/2024 02:56:18 PM) (Source: Windows App Runtime) (EventID: 1169) (User: )
Description: Event-ID 1169
Error: (03/19/2024 01:13:06 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/18/2024 07:56:02 PM) (Source: Windows App Runtime) (EventID: 1169) (User: )
Description: Event-ID 1169
Error: (03/18/2024 03:38:41 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/17/2024 11:47:19 PM) (Source: Windows App Runtime) (EventID: 1169) (User: )
Description: Event-ID 1169
Error: (03/17/2024 07:44:54 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/17/2024 07:44:54 AM) (Source: Windows App Runtime) (EventID: 1169) (User: )
Description: Event-ID 1169
Error: (03/15/2024 04:20:56 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Errores del sistema:
=============
Error: (03/19/2024 07:01:57 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio ASUSSystemAnalysis.
Error: (03/19/2024 01:46:08 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/19/2024 01:44:06 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/19/2024 01:42:00 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/18/2024 08:45:12 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/18/2024 08:43:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/18/2024 08:40:52 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (03/18/2024 05:35:41 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: El servicio GoogleUpdater Service 124.0.6359.0 (GoogleUpdaterService124.0.6359.0) se cerró con el error específico de servicio
%%45
Windows Defender:
================
Date: 2024-01-14 22:08:16
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {D3F681E0-2A6C-4BFB-ACCA-812F0779A7A8}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2024-01-14 15:06:58
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {C703D3E1-2B42-4C79-93F5-C14F11ED5A1B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2024-01-10 20:16:12
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {23AEF9E7-5CE0-4F0C-A28A-27B6DD02B16F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2024-01-10 20:07:56
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {B92C9FD7-96A4-409E-9BCF-AF2ACFD21CD2}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2024-01-05 21:35:20
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {BCC1D89C-34E3-430E-9FC8-AA63A6FEAC49}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Event[0]
Date: 2023-09-01 18:31:46
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.397.144.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.23080.2005
Código de error: 0x80070102
Descripción del error: Tiempo de espera de la operación de espera agotado.
Date: 2023-09-01 18:31:46
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.397.144.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.23080.2005
Código de error: 0x80070102
Descripción del error: Tiempo de espera de la operación de espera agotado.
Date: 2023-05-14 20:51:55
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.389.947.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.20300.3
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
CodeIntegrity:
===============
Date: 2024-03-19 15:04:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\WPS\1.11.279.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements.
Date: 2024-03-19 14:58:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\WPS\1.11.279.1\mc-sec-plugin-x64.dll that did not meet the Microsoft signing level requirements.
==================== Información de la memoria ===========================
BIOS: American Megatrends International, LLC. M6500QC.303 07/15/2022
Placa base: ASUSTeK COMPUTER INC. M6500QC
Procesador: AMD Ryzen 5 5600H with Radeon Graphics
Porcentaje de memoria en uso: 46%
RAM física total: 15775.47 MB
RAM física disponible: 8498.75 MB
Virtual total: 17888.32 MB
Virtual disponible: 6989.75 MB
==================== Unidades ================================
Drive c: (OS) (Fixed) (Total:475.4 GB) (Free:87.74 GB) (Model: HFM512GD3JX013N) (Protected) NTFS
\\?\Volume{551e1a86-77a5-4c2e-8292-bdee5f46edd0}\ (RECOVERY) (Fixed) (Total:1.07 GB) (Free:0.35 GB) NTFS
\\?\Volume{2687e2ec-1005-439e-a28a-f8e6008f0356}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.12 GB) FAT32
\\?\Volume{46a124e3-9520-4984-8b29-7e7ed0f53fe5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: ADA97BD9)
Partition: GPT.
==================== Final de Addition.txt =======================
Hola @DanielG
Disculpa la tardanza, he tenido unos asuntos personales que atender y en estos dias y hasta hoy me ha sido imposible hacer los análisis.
Estos son del dia de hoy, 19/03/2024, aunque tengo otros hechos del dia 5 de marzo, de cuando el problema empezo y empece mi busqueda por el foro. Si necesitas esos reportes tambien los puedo adjuntar
El problema me desaparece durante unos dias cuando cierro el proceso rundll32, pero como ya dije en el otro mensaje, cuando pasa un tiempo vuelve a aparecer.
Hola @DanielG
Si, todavia tengo el problema, como dije antes, a veces lo arreglo momentaneamente cerrando el proceso rundll32, pero eventualmente acaba volviendo.
Saludos
Hola nuevamente
Trae un reporte nuevo de farbar ese tiene varios días y pueden haber cambiados algunas cosas.
Saludos
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 02.04.2024
Ejecutado por jj_ru (administrador) sobre PCJESUS (ASUSTeK COMPUTER INC. Vivobook_ASUSLaptop M6500QC_M6500QC) (02-04-2024 23:51:44)
Ejecutado desde C:\Users\jj_ru\OneDrive\Escritorio\FRST64.exe
Perfiles cargados: jj_ru
Plataforma: Microsoft Windows 11 Home Versión 23H2 22631.3374 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.9.0_x64__qmba6cd70vzyy\ModuleDll\HWSettings\AsusOLEDShifter.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSOptimization\AsusOSD.exe
(C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtService.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtHost.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.11.279.1\extnhost\mc-extn-browserhost.exe
(DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_ce09737aeee31fb0\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Connect\Watchdog\EPWD.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_ce09737aeee31fb0\DAX3API.exe
(services.exe ->) (Focaltech Systems Co., Ltd. -> ) C:\Windows\System32\drivers\UMDF\focalFpSrvcDeamon.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.11.279.1\mc-fw-host.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_6748734245be2098\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c03b1d36a886656b\RtkAudUService64.exe <3>
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\jj_ru\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.11.279.1\neo\core\mc-neo-host.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.2.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM-x32\...\Run: [Check Point VPN] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe [18160832 2021-10-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Ningún archivo)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restricción <==== ATENCIÓN
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Run: [MicrosoftEdgeAutoLaunch_79754ACD234C1A43BE9E72B9A8756169] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063800 2024-03-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\jj_ru\AppData\Local\Microsoft\Teams\Update.exe [2591600 2024-02-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Run: [GoogleChromeAutoLaunch_E66BC940028D5847782446B77A0FF1F1] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2773280 2024-03-26] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.86\Installer\chrmstp.exe [2024-03-29] (Google LLC -> Google LLC)
GroupPolicy: Restricción - Windows Defender <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) =================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {F3047CF9-25BA-43C7-BD28-D6B16BF1BC2B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {814A39DD-BEB0-4A69-AF9F-76A20A021A3A} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSOptimization\AsusHotkey.exe [322792 2024-02-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {741137AD-1782-410D-9986-2C6AD1FCAC12} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSoftwareManager\AsusUpdateChecker.exe [792192 2024-02-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {6636B5F5-0C11-4B85-89C8-09CAB8BC9CEB} - System32\Tasks\ASUSProArtUpdateService-Logon => "C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtUpdateService.exe" -cupdate (Ningún archivo)
Task: {31D99C98-F1B9-47D7-B918-7A510FA3FE4E} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4799720 2024-02-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {DF7FAA45-C8A5-49BC-B067-E3C2E9D60878} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5381288 2024-03-27] (Microsoft Windows -> Microsoft Corporation)
Task: {CFC41644-9877-4C04-AAEB-35DFBAAFF956} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{FB497D2F-1587-4514-855A-AB4F5B2BBC09} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {CDC6361D-26A5-4B3C-9E87-F65CAAF6389D} - System32\Tasks\McAfee OEM Subscription job => \\?\C:\Program Files\McAfee\WPS\SubscriptionJob\mc-oem-subjob.exe [2169512 2024-02-26] (McAfee, LLC -> McAfee, LLC)
Task: {C6A552B3-1E64-4907-8E69-B0B7D23F5C21} - System32\Tasks\McAfee\WPS\amwebapitriggertask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {05671243-F71C-4982-91EA-C57E2F063AFD} - System32\Tasks\McAfee\WPS\DAD.WPS.Execute.Updates => C:\Program Files\McAfee\WPS\1.11.279.1\dad\3.17.7\mc-dad.exe [2682016 2024-02-28] (McAfee, LLC -> McAfee, LLC)
Task: {4790AC27-3E79-470E-9FE0-6178BF8449F0} - System32\Tasks\McAfee\WPS\datupdatetask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {780F09C2-0821-4CB1-8F08-896237277B1A} - System32\Tasks\McAfee\WPS\McAfee Sustainability => C:\Program Files\McAfee\WPS\1.11.279.1\sustainability\mc-sustainability.exe [778816 2024-01-20] (McAfee, LLC -> McAfee, LLC)
Task: {14BA07D0-951F-46D6-B180-FC6A14DE9AC2} - System32\Tasks\McAfee\WPS\mcpcoscanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {25F5C8D3-9677-45F7-BD3D-ED77678FDCC4} - System32\Tasks\McAfee\WPS\NGMCadence => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {0CA3BFD9-5678-4C25-8BA4-61D190B9BBA8} - System32\Tasks\McAfee\WPS\odsscheduledtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {91C3C59A-8CC1-4DC2-B244-902D7ACB0CAC} - System32\Tasks\McAfee\WPS\systemrebootedtask => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {966F73A4-B0E5-48A0-8BB0-B5B597EFCDDA} - System32\Tasks\McAfee\WPS\Update => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\WPS\1.11.279.1\mc-update.exe [5075896 2024-01-20] (McAfee, LLC -> McAfee, LLC)
Task: {6B756DA9-0723-41E8-8805-BAD9182764F9} - System32\Tasks\McAfee\WPS\WPSPush => \\?\C:\Program Files\McAfee\WPS\1.11.279.1\mc-wns-client\mc-wns-client.exe [819400 2024-01-20] (McAfee, LLC -> )
Task: {1E7AF4E2-2C27-47D6-B805-720C9134DBEF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D651344-987D-498A-B6EF-6D5A67A3BBEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED3A261D-9AC1-4DA5-AD21-7AB265400EA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F71E55C9-0827-4948-8089-A328539F4A8B} - System32\Tasks\Microsoft\Windows\Bluetooth\Wgxwsm => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58856 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\DiagnosticFolder\PorysSuide\"C:\Program Files (x86)\Common Files\DiagnosticFolder\PorysSuide\imejyzteogjnt.dll" /silent /unregister
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Ningún archivo)
Task: {D340250D-F62B-4665-B5D8-F4A3A3110F18} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-05] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {6D1DC1C2-3A53-4EB5-AFE5-FD857AAC1E0A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4134028696-356119575-3157283003-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-05] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {6D7BDD51-80C1-47DB-B319-45960E597016} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-03-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {3F21B85E-397C-4E0E-A54E-2F99BAE4DC66} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {76A846A9-BC6C-437D-86CE-0A6A9BF9CA90} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4D66824E-BD95-482F-8F17-9950939226D4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {B0FA841F-AA62-4957-9999-A7D976658C96} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DAB2D15D-244D-4D1E-958E-11F723F21D2F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A11CFA23-0993-40BC-8249-156B07F137F1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F5D06D30-2602-4082-AF97-7DFBD8CFFA10} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E3BDE929-E003-4599-8CC3-937D9A23DED0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B4A9F2FD-9FB5-4384-8FAB-C866052E6D79} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A38BBAC0-64BD-4A8C-9FE9-60C0615F7BB3} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-4134028696-356119575-3157283003-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [65536 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {2FBF333A-35BE-4436-9F25-DA36CADF7389} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c03b1d36a886656b\RtkAudUService64.exe [1588088 2022-08-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 212.230.135.2 212.230.135.1
Tcpip\..\Interfaces\{253bae56-508f-4db7-bec3-2742a6a2b489}: [DhcpNameServer] 212.230.135.2 212.230.135.1
Tcpip\..\Interfaces\{253bae56-508f-4db7-bec3-2742a6a2b489}: [DhcpDomain] home
Tcpip\..\Interfaces\{83910a31-4f20-4bae-af66-8babe0357b5a}: [DhcpNameServer] 172.16.0.46 172.16.0.65
Tcpip\..\Interfaces\{a230d696-ea94-4d58-a2d0-3bca64a9b8ae}: [NameServer] 172.17.3.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\jj_ru\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-14]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\jj_ru\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
Edge Extension: (Edge relevant text changes) - C:\Users\jj_ru\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-01]
FireFox:
========
FF DefaultProfile: 65a108cr.default
FF ProfilePath: C:\Users\jj_ru\AppData\Roaming\Mozilla\Firefox\Profiles\65a108cr.default [2024-01-20]
FF ProfilePath: C:\Users\jj_ru\AppData\Roaming\Mozilla\Firefox\Profiles\8ncxq6f5.default-release [2024-03-28]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default [2024-04-02]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (Extensión de Surfshark VPN) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\ailoabdmgclmfmhdagmlohpjlbpffblp [2024-03-19]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-10]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2023-01-11]
CHR Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-24]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-03-29]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-24]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-24]
CHR Extension: (Excel Online) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2024-02-04]
CHR Extension: (Player para ver Movistar+) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2023-01-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-11]
CHR Profile: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-01-09]
CHR Profile: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-22]
CHR Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-22]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-03-22]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-13]
CHR Profile: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-04-02]
CHR Extension: (Llamadas de Skype) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2023-03-14]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-03-12]
CHR Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-28]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-04-01]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-28]
CHR Extension: (Night Time In New York City) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek [2023-03-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-14]
CHR Profile: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\System Profile [2024-04-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-4134028696-356119575-3157283003-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\AsusAppService\AsusAppService.exe [1176192 2024-02-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSOptimization\AsusOptimization.exe [542440 2024-02-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSProArtService; C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtService.exe [1594064 2022-03-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSoftwareManager\AsusSoftwareManager.exe [1377512 2024-02-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSwitch\AsusSwitch.exe [647808 2024-02-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4799720 2024-02-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [850152 2024-02-18] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_ce09737aeee31fb0\DAX3API.exe [2299944 2022-08-17] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 EPWD; C:\Program Files (x86)\CheckPoint\Endpoint Connect\Watchdog\EPWD.exe [510656 2021-07-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 focalFpSrvcDeamon; C:\WINDOWS\System32\drivers\UMDF\focalFpSrvcDeamon.exe [300032 2023-05-05] (Focaltech Systems Co., Ltd. -> )
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.11.279.1\mc-fw-host.exe [2310472 2024-01-20] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\WPS\1.11.279.1\mc-update.exe [5075896 2024-01-20] (McAfee, LLC -> McAfee, LLC)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [889400 2024-03-14] (McAfee, LLC -> McAfee, LLC)
R2 NativePushService; C:\Users\jj_ru\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [7897280 2021-10-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ASUSProArtUpdateService; "C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtUpdateService.exe" [X]
S2 AsusScreenXpertHostService; "C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertHostService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_6748734245be2098\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_6748734245be2098\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54792 2023-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\amdkmdag.sys [94637408 2023-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_93fc123351137141\AsusPTPFilter.sys [155568 2023-01-05] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSystemAnalysis\AsusSAIO.sys [49320 2024-02-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSOptimization\AsusWmiAcpi.sys [49064 2024-02-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2023-01-12] (Microsoft Corporation) [Archivo no firmado]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2023-07-26] (Disc Soft Ltd -> Disc Soft Ltd)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218592 2023-11-16] (Microsoft Windows -> Microsoft Corporation)
S0 mfeelam; C:\WINDOWS\System32\DRIVERS\mfeelam.sys [18400 2024-01-20] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\WINDOWS\System32\DRIVERS\mfesec.sys [82696 2024-01-20] (McAfee, LLC -> McAfee, LLC)
R3 MTKBTFilterX64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [296952 2023-02-23] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1420712 2023-03-01] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [253464 2023-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 rtucx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_a19e472f32bd1e8d\rtucx22x64.sys [1385296 2022-02-25] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [51192 2024-01-20] (OpenVPN Inc. -> The OpenVPN Project)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2023-11-16] (Microsoft Windows -> )
R3 vna_ap; C:\WINDOWS\system32\DRIVERS\vnaap.sys [165392 2017-08-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R1 vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [636800 2020-12-03] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2024-02-29] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2024-04-01 21:58 - 2024-04-01 21:58 - 001460569 _____ C:\Users\jj_ru\Downloads\Modelo Luna de Miel completo.pdf
2024-03-29 14:04 - 2024-03-29 14:04 - 000027180 _____ C:\Users\jj_ru\Downloads\Justificant de pagament (2).pdf
2024-03-29 13:14 - 2024-03-29 13:14 - 000807420 _____ C:\WINDOWS\system32\perfh00A.dat
2024-03-29 13:14 - 2024-03-29 13:14 - 000163076 _____ C:\WINDOWS\system32\perfc00A.dat
2024-03-28 05:54 - 2024-03-28 05:54 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2024-03-27 21:33 - 2024-03-27 21:33 - 000024320 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-27 21:33 - 2024-03-27 21:33 - 000024320 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-27 17:47 - 2024-03-27 17:50 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\audacity
2024-03-27 17:47 - 2024-03-27 17:47 - 015819112 _____ (Audacity Team ) C:\Users\jj_ru\Downloads\audacity-win-3.4.2-64bit.exe
2024-03-27 17:47 - 2024-03-27 17:47 - 000000867 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2024-03-27 17:47 - 2024-03-27 17:47 - 000000000 ____D C:\Users\jj_ru\AppData\Local\audacity
2024-03-27 17:47 - 2024-03-27 17:47 - 000000000 ____D C:\Program Files\Audacity
2024-03-27 01:12 - 2024-03-27 01:12 - 000100625 _____ C:\Users\jj_ru\Downloads\Odra & jesus.zip
2024-03-27 00:31 - 2024-03-27 00:31 - 000163162 _____ C:\Users\jj_ru\Downloads\Designer (2).jpeg
2024-03-27 00:17 - 2024-03-27 00:17 - 000221979 _____ C:\Users\jj_ru\Downloads\Designer (1).jpeg
2024-03-27 00:11 - 2024-03-27 00:11 - 000223161 _____ C:\Users\jj_ru\Downloads\Designer.jpeg
2024-03-20 21:06 - 2024-03-20 21:06 - 000578873 _____ C:\Users\jj_ru\Downloads\Notificacio-2542747.PDF
2024-03-19 21:03 - 2024-03-19 21:03 - 000001939 _____ C:\Users\jj_ru\OneDrive\Escritorio\Zoom.lnk
2024-03-19 16:04 - 2024-04-02 23:51 - 000036036 _____ C:\Users\jj_ru\OneDrive\Escritorio\FRST.txt
2024-03-19 16:03 - 2024-04-02 23:51 - 000000000 ____D C:\Users\jj_ru\OneDrive\Escritorio\FRST-OlderVersion
2024-03-19 01:48 - 2024-03-19 01:48 - 000000000 ____D C:\Users\jj_ru\AppData\LocalLow\Interior Night Ltd
2024-03-18 22:03 - 2024-03-18 22:03 - 000000000 ____D C:\Users\jj_ru\OneDrive\Documentos\Zoom
2024-03-18 20:59 - 2024-03-18 20:59 - 000050010 _____ C:\Users\jj_ru\Downloads\Certificado titularidad.pdf
2024-03-18 20:58 - 2024-03-18 20:58 - 000031709 _____ C:\Users\jj_ru\Downloads\Borrador20240318195833.pdf
2024-03-18 20:57 - 2024-03-18 20:57 - 000031825 _____ C:\Users\jj_ru\Downloads\Borrador20240318195749.pdf
2024-03-15 17:21 - 2024-03-15 17:21 - 000175891 _____ C:\Users\jj_ru\Downloads\Certificado de residencia Odra Mercedes Saldaña Blanchart.pdf
2024-03-14 22:25 - 2024-03-14 22:25 - 010030427 _____ C:\Users\jj_ru\Downloads\presu.pdf
2024-03-14 22:18 - 2024-03-14 22:18 - 000175711 _____ C:\Users\jj_ru\Downloads\Certificado de residencia Juan Jesus Ruiz Molina.PDF
2024-03-14 21:14 - 2024-03-14 21:14 - 013757861 _____ C:\Users\jj_ru\Downloads\Dossier decoración Mys eventos.pdf
2024-03-14 00:22 - 2024-03-14 00:22 - 000135251 _____ C:\Users\jj_ru\Downloads\Booking #4093070679.pdf
2024-03-13 23:43 - 2024-03-13 23:43 - 000004163 _____ C:\Users\jj_ru\Downloads\Transferencia - Inés Molina Ozaez - Hospital La Inmaculada.pdf
2024-03-13 23:42 - 2024-03-13 23:42 - 000016277 _____ C:\Users\jj_ru\Downloads\13032024224258.pdf
2024-03-13 23:30 - 2024-03-13 23:30 - 000161566 _____ C:\Users\jj_ru\Downloads\CamScanner 13-03-2024 21.49.pdf
2024-03-13 23:30 - 2024-03-13 23:30 - 000058504 _____ C:\Users\jj_ru\Downloads\DOC-20240313-WA0001.(1).pdf
2024-03-13 23:30 - 2024-03-13 23:30 - 000058504 _____ C:\Users\jj_ru\Downloads\DOC-20240313-WA0001.(1) (1).pdf
2024-03-13 21:32 - 2024-03-13 21:32 - 000167634 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4718.pdf
2024-03-13 21:27 - 2024-03-13 21:27 - 000167668 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4717.pdf
2024-03-13 21:20 - 2024-03-13 21:20 - 000166525 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4716.pdf
2024-03-07 17:08 - 2024-03-07 17:08 - 000171589 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4335.pdf
2024-03-07 16:27 - 2024-04-02 23:50 - 000004088 _____ C:\WINDOWS\system32\Tasks\McAfee OEM Subscription job
2024-03-07 16:23 - 2024-03-07 16:25 - 000000000 ____D C:\WINDOWS\Minidump
2024-03-07 00:27 - 2024-04-02 23:51 - 000000000 ____D C:\FRST
2024-03-07 00:20 - 2024-04-02 23:51 - 002393088 _____ (Farbar) C:\Users\jj_ru\OneDrive\Escritorio\FRST64.exe
2024-03-06 23:54 - 2024-03-06 23:54 - 000005655 _____ C:\Users\jj_ru\OneDrive\Escritorio\Malwarebytes Informe de análisis 2024-03-05 211234.txt
2024-03-06 00:19 - 2024-03-06 00:24 - 000000073 _____ C:\Bug_TKill.txt
2024-03-06 00:19 - 2024-03-06 00:24 - 000000000 ____D C:\DTRToll
2024-03-05 23:33 - 2024-03-06 00:24 - 001476458 _____ C:\WINDOWS\ntbtlog.txt
2024-03-05 23:33 - 2024-03-06 00:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-03-05 23:24 - 2024-03-05 23:24 - 000000000 ____D C:\Users\jj_ru\OneDrive\Escritorio\Nueva carpeta
2024-03-05 23:11 - 2024-03-05 23:11 - 002585496 _____ (Malwarebytes) C:\Users\jj_ru\Downloads\MBSetup.exe
2024-03-05 23:08 - 2024-03-05 23:08 - 000165830 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4163.pdf
2024-03-05 22:57 - 2024-03-23 21:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-03-05 21:54 - 2024-03-05 21:54 - 000106269 _____ C:\Users\jj_ru\Downloads\Tasa Padron - Odra Saldaña.pdf
2024-03-05 21:54 - 2024-03-05 21:54 - 000106269 _____ C:\Users\jj_ru\Downloads\Tasa Padron - .pdf
2024-03-05 21:51 - 2024-03-05 21:51 - 000170230 _____ C:\Users\jj_ru\Downloads\SOL_ENTRA_2024_4162.pdf
2024-03-05 21:42 - 2024-03-05 21:42 - 000105639 _____ C:\Users\jj_ru\Downloads\Tasa Padron - J. Jesus Ruiz.pdf
2024-03-05 20:53 - 2024-03-05 20:53 - 000210975 _____ C:\Users\jj_ru\OneDrive\Documentos\Certificado de empadronamiento. Barcelona Jesus.pdf
2024-03-05 20:48 - 2024-03-05 20:48 - 000139001 _____ C:\Users\jj_ru\Downloads\AjtBcn_CertResi_2024-03-05.pdf
2024-03-05 20:48 - 2024-03-05 20:48 - 000139001 _____ C:\Users\jj_ru\Downloads\AjtBcn_CertResi_2024-03-05 (1).pdf
2024-03-05 19:51 - 2024-03-05 19:51 - 000087946 _____ C:\Users\jj_ru\Downloads\Justificante de Presentación REG.pdf
2024-03-05 19:42 - 2024-03-05 19:42 - 000535215 _____ C:\Users\jj_ru\OneDrive\Escritorio\SOLICITUD DUPLICADO.pdf
2024-03-05 19:41 - 2024-03-05 19:43 - 000210068 _____ C:\Users\jj_ru\Downloads\Mod.03-ES.pdf
2024-03-05 19:40 - 2024-03-05 19:40 - 000186008 _____ C:\Users\jj_ru\OneDrive\Escritorio\SOLICITUD DE DUPLICADO.html
2024-03-05 19:40 - 2024-03-05 19:40 - 000000000 ____D C:\Users\jj_ru\OneDrive\Escritorio\SOLICITUD DE DUPLICADO_files
2024-03-05 19:36 - 2024-03-05 19:36 - 000398671 _____ C:\Users\jj_ru\OneDrive\Escritorio\Mod.03-ES.pdf
2024-03-04 20:47 - 2024-03-04 20:47 - 000452465 _____ C:\Users\jj_ru\Downloads\LAYER CAKE bodas.pdf
2024-03-04 20:46 - 2024-03-04 20:46 - 002784164 _____ C:\Users\jj_ru\Downloads\Catalogo Tartas Comuniones 2023.pdf
2024-03-04 17:16 - 2024-03-04 17:16 - 000288139 _____ C:\Users\jj_ru\Downloads\Certificado de Concordancia.pdf
2024-03-04 17:16 - 2024-03-04 17:16 - 000288139 _____ C:\Users\jj_ru\Downloads\Certificado de Concordancia (1).pdf
2024-03-04 12:49 - 2024-03-04 12:49 - 002344202 _____ C:\Users\jj_ru\Downloads\TA-1.pdf
2024-03-04 12:49 - 2024-03-04 12:49 - 002344202 _____ C:\Users\jj_ru\Downloads\TA-1 (1).pdf
2024-03-04 12:49 - 2024-03-04 12:49 - 000925451 _____ C:\Users\jj_ru\OneDrive\Escritorio\TA-1 FIRMADO.pdf
2024-03-04 12:45 - 2024-03-04 12:45 - 001130840 _____ C:\Users\jj_ru\OneDrive\Escritorio\TA-1.pdf
2024-03-04 12:21 - 2024-03-04 12:21 - 000332433 _____ C:\Users\jj_ru\Downloads\DNI parte delantera.jpeg
2024-03-04 12:21 - 2024-03-04 12:21 - 000313760 _____ C:\Users\jj_ru\Downloads\DNI parte trasera.jpeg
2024-03-03 15:15 - 2024-03-03 15:15 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2024-03-03 15:15 - 2024-03-03 15:15 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-03-03 15:15 - 2024-03-03 15:15 - 000000000 ____D C:\Program Files\MSBuild
2024-03-03 15:15 - 2024-03-03 15:15 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-03-03 15:15 - 2024-03-03 15:15 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-03-03 14:50 - 2024-03-03 14:50 - 000000000 ____D C:\ProgramData\Propagation
2024-03-03 14:50 - 2024-03-03 14:50 - 000000000 ____D C:\ProgramData\AMD
2024-03-03 14:44 - 2024-03-03 14:45 - 000000000 ____D C:\Users\jj_ru\AppData\Local\Msg to Pst
2024-03-03 14:44 - 2024-03-03 14:44 - 000000282 _____ C:\ProgramData\ntuser.pol
2024-03-03 13:25 - 2024-03-03 13:25 - 000007174 _____ C:\Users\jj_ru\AppData\Local\9655527093
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2024-04-02 23:50 - 2023-01-11 01:06 - 000000000 ____D C:\Users\jj_ru\AppData\Local\D3DSCache
2024-04-02 23:50 - 2022-10-08 12:03 - 000000000 ____D C:\ProgramData\NVIDIA
2024-04-02 23:50 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-02 23:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-02 23:49 - 2024-02-14 20:49 - 000009707 _____ C:\Users\jj_ru\OneDrive\Escritorio\GASTOS BODA.xlsx
2024-04-02 23:49 - 2023-04-01 15:18 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\Microsoft\Excel
2024-04-02 23:49 - 2023-01-12 22:11 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\Microsoft\Word
2024-04-02 23:49 - 2023-01-12 21:09 - 000002880 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2024-04-02 23:49 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-02 23:24 - 2023-01-12 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-02 22:23 - 2023-09-15 17:31 - 000017231 _____ C:\Users\jj_ru\OneDrive\Escritorio\Boda - Lugares.xlsx
2024-04-02 20:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-01 18:36 - 2023-01-16 17:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-04-01 18:36 - 2023-01-16 17:34 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-31 18:13 - 2023-01-12 21:09 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4134028696-356119575-3157283003-1001
2024-03-31 18:13 - 2023-01-12 21:09 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4134028696-356119575-3157283003-1001
2024-03-31 18:13 - 2023-01-11 01:08 - 000002415 _____ C:\Users\jj_ru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-29 13:43 - 2023-05-30 18:36 - 000002370 ____H C:\Users\jj_ru\OneDrive\Documentos\Default.rdp
2024-03-29 13:14 - 2023-01-12 21:10 - 001807552 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-29 13:14 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-03-29 13:09 - 2023-01-12 20:53 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-03-29 13:07 - 2023-06-10 15:11 - 000012288 _____ C:\WINDOWS\system32\Drivers\vsparam.reg
2024-03-29 13:07 - 2023-06-10 15:11 - 000008192 _____ C:\WINDOWS\system32\Drivers\vsflt.reg
2024-03-29 13:07 - 2023-01-12 21:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-29 13:07 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-29 13:07 - 2021-10-06 23:08 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-29 13:06 - 2023-05-30 17:43 - 000012288 _____ C:\WINDOWS\system32\Drivers\vsndis.reg
2024-03-29 13:06 - 2023-01-12 21:02 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-03-29 13:06 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-03-29 12:41 - 2023-01-11 01:17 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-29 12:41 - 2023-01-11 01:06 - 000000000 ____D C:\Users\jj_ru\AppData\Local\Packages
2024-03-29 12:41 - 2021-10-06 23:08 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-29 12:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-03-28 18:27 - 2023-01-11 02:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-28 16:32 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-28 05:54 - 2023-01-12 21:02 - 000505864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-03-28 05:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-27 21:35 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-27 21:33 - 2023-01-12 21:07 - 003213824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-27 21:29 - 2022-10-08 12:04 - 000000000 ____D C:\ProgramData\McAfee
2024-03-25 20:45 - 2023-01-12 21:09 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-25 20:45 - 2023-01-12 21:09 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-25 20:44 - 2023-01-12 21:09 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2024-03-25 20:44 - 2023-01-12 21:09 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2024-03-19 21:48 - 2024-01-31 17:38 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\Zoom
2024-03-19 15:58 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-19 00:40 - 2021-10-06 23:10 - 000000000 ____D C:\ProgramData\Packages
2024-03-19 00:39 - 2023-01-11 21:13 - 000000000 ____D C:\XboxGames
2024-03-15 17:23 - 2024-02-16 19:28 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-03-15 17:23 - 2023-01-11 21:13 - 002709096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-03-15 17:23 - 2023-01-11 21:13 - 000706152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-03-15 17:23 - 2023-01-11 21:13 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-03-15 17:23 - 2023-01-11 21:13 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-03-15 17:23 - 2023-01-11 21:13 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-03-15 17:23 - 2023-01-11 21:13 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-03-15 17:23 - 2023-01-11 21:13 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-03-14 05:57 - 2023-10-13 04:01 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-03-14 05:57 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-14 05:57 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2024-03-13 22:03 - 2023-01-13 08:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 21:58 - 2023-01-13 08:17 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-13 21:23 - 2023-01-16 17:34 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\com.adobe.dunamis
2024-03-08 01:14 - 2023-01-13 10:03 - 000000000 ____D C:\Users\jj_ru\AppData\Local\CrashDumps
2024-03-07 16:54 - 2023-01-12 21:04 - 000000000 ____D C:\Users\jj_ru
2024-03-07 16:25 - 2022-10-08 11:47 - 001351789 ____N C:\WINDOWS\Minidump\030724-13296-01.dmp
2024-03-07 16:23 - 2022-10-08 11:47 - 001985440 ____N C:\WINDOWS\Minidump\030724-14250-01.dmp
2024-03-06 00:00 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-06 00:00 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-05 23:41 - 2023-09-03 14:54 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2024-03-05 23:41 - 2023-09-03 14:27 - 000000000 ____D C:\Users\jj_ru\OneDrive\Escritorio\Partidos
2024-03-05 23:30 - 2023-01-11 02:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-03-05 23:14 - 2023-11-16 08:44 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\uTorrent Web
2024-03-05 22:59 - 2023-01-11 02:00 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-03-05 22:56 - 2023-01-12 21:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-03-05 22:39 - 2023-03-03 10:46 - 000000000 ____D C:\Program Files\Electronic Arts
2024-03-05 22:39 - 2022-10-08 12:03 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-05 22:33 - 2023-09-07 10:42 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\Microsoft\Teams
2024-03-03 17:26 - 2023-02-08 11:05 - 000000000 ____D C:\Users\jj_ru\AppData\Roaming\paradox-launcher-v2
2024-03-03 15:16 - 2023-03-03 13:00 - 000000000 ____D C:\Users\jj_ru\OneDrive\Documentos\Electronic Arts
2024-03-03 15:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2024-03-03 15:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\MUI
2024-03-03 14:58 - 2023-03-03 10:53 - 000447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2024-03-03 14:55 - 2023-01-11 01:07 - 000000000 ____D C:\Users\jj_ru\AppData\Local\AMD
2024-03-03 14:44 - 2021-06-05 14:10 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
==================== Archivos en la raíz de algunos directorios ========
2024-01-06 01:29 - 2024-01-06 01:29 - 000007174 _____ () C:\Users\jj_ru\AppData\Local\91199005730
2023-03-02 18:38 - 2023-03-02 18:38 - 000004462 _____ () C:\Users\jj_ru\AppData\Local\92207940821
2023-03-29 20:50 - 2023-03-29 20:50 - 000004478 _____ () C:\Users\jj_ru\AppData\Local\9253024401
2023-05-10 12:16 - 2023-10-31 15:37 - 000004478 _____ () C:\Users\jj_ru\AppData\Local\937504910
2023-03-08 09:24 - 2023-03-18 00:16 - 000004462 _____ () C:\Users\jj_ru\AppData\Local\9503667337
2024-03-03 13:25 - 2024-03-03 13:25 - 000007174 _____ () C:\Users\jj_ru\AppData\Local\9655527093
2023-11-16 08:59 - 2023-11-16 08:59 - 000007198 _____ () C:\Users\jj_ru\AppData\Local\9896470859
2023-02-09 18:11 - 2023-02-09 18:11 - 000004622 _____ () C:\Users\jj_ru\AppData\Local\9943258716
2023-01-11 02:04 - 2023-02-23 10:33 - 000535040 _____ (Dirección General de la Policía) C:\Users\jj_ru\AppData\Local\DNIeService.exe
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 02.04.2024
Ejecutado por jj_ru (02-04-2024 23:52:16)
Ejecutado desde C:\Users\jj_ru\OneDrive\Escritorio
Microsoft Windows 11 Home Versión 23H2 22631.3374 (X64) (2023-01-12 19:12:20)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Administrador (S-1-5-21-4134028696-356119575-3157283003-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4134028696-356119575-3157283003-503 - Limited - Disabled)
Invitado (S-1-5-21-4134028696-356119575-3157283003-501 - Limited - Disabled)
jj_ru (S-1-5-21-4134028696-356119575-3157283003-1001 - Administrator - Enabled) => C:\Users\jj_ru
WDAGUtilityAccount (S-1-5-21-4134028696-356119575-3157283003-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: McAfee (Enabled - Up to date) {17E6E93C-6841-5FC7-DEB8-480FDC929279}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee (Enabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 24.001.20629 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Audacity 3.4.2 (HKLM\...\Audacity_is1) (Version: 3.4.2 - Audacity Team)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.7.2 - Gobierno de España)
Blackmagic RAW Common Components (HKLM\...\{5EC3B537-067B-4012-9CB5-4AD928959ED3}) (Version: 3.6 - Blackmagic Design)
Check Point VPN (HKLM-x32\...\{107558F6-7694-4772-BB55-9C8FCA87A8B8}) (Version: 98.61.3510 - Check Point Software Technologies Ltd.)
Configurador FNMT (HKLM-x32\...\ConfiguradorFnmt) (Version: 3.0.1 - FNMT-RCM)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{C6E9E296-C17F-4C61-8BB1-8E2DBA01EEFD}) (Version: 18.6.40006 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{D1ACF467-9FB4-45DA-942F-A19452E70A3F}) (Version: 2.0.7.0 - Blackmagic Design)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.15 - Blackmagic Design)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.86 - Google LLC)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instalable DNIe (HKLM\...\{B7F1288A-FA68-41CA-84AB-B5AB138B2130}) (Version: 15.0.1 - Cuerpo Nacional de Policía) Hidden
Instalador Tarjetas DNIe (HKLM-x32\...\{DD4C4229-4CF0-4C65-90B5-950AF7A67C97}) (Version: 1.1.0 - Cuerpo Nacional de Policía)
McAfee (HKLM\...\McAfee.WPS) (Version: 1.11.279.1 - McAfee, LLC)
Microsoft Access MUI (Spanish) 2016 (HKLM\...\{90160000-0015-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Spanish) 2016 (HKLM\...\{90160000-0090-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.65 - Microsoft Corporation)
Microsoft Excel MUI (Spanish) 2016 (HKLM\...\{90160000-0016-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Groove MUI (Spanish) 2016 (HKLM\...\{90160000-00BA-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2016 (HKLM\...\{90160000-0044-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2016 (HKLM\...\{90160000-00E1-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2016 (HKLM\...\{90160000-00E2-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (Spanish) 2016 (HKLM\...\{90160000-002C-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Spanish) 2016 (HKLM\...\{90160000-00C1-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2016 (HKLM\...\{90160000-006E-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2016 - Euskara (HKLM\...\{90160000-001F-042D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation)
Microsoft OneNote MUI (Spanish) 2016 (HKLM\...\{90160000-00A1-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2016 (HKLM\...\{90160000-001A-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2016 (HKLM\...\{90160000-0018-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Spanish) 2016 (HKLM\...\{90160000-0019-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (Spanish) 2016 (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Teams classic (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Teams) (Version: 1.7.00.1864 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Word MUI (Spanish) 2016 (HKLM\...\{90160000-001B-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 123.0.1 (x64 es-ES)) (Version: 123.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 108.0.2 - Mozilla)
Msg to Pst 1.19 (HKLM-x32\...\Msg to Pst_is1) (Version: 1.19 - )
NVIDIA Broadcast 1.3.0.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.3.0.55 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 528.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.97 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
ProArt Creator Hub Service (HKLM\...\{77CD8075-733B-4F22-9A19-61041EACFADA}) (Version: 2.0.16.0 - ASUSTeK COMPUTER INC.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Telegram Desktop (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.9.9 - Telegram FZ-LLC)
uTorrent Web (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\utweb) (Version: 1.4.0 - Rainberry, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.871 - McAfee, LLC)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.65 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wondershare Filmora 12(Build 12.3.7.2586) (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Wondershare Filmora 12_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\Wondershare NativePush_is1) (Version: - )
Zoom (HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\ZoomUMX) (Version: 5.17.7 (31859) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-13] ()
Adobe Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeCreativeCloudExpress_2.1.1.0_neutral__ynb6jyjzte8ga [2024-03-28] (Adobe Inc.)
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m [2024-02-07] (Advanced Micro Devices Inc.) [Startup Task]
As Dusk Falls -> C:\Program Files\WindowsApps\Microsoft.3020BF20E956_1.22.9949.0_x64__8wekyb3d8bbwe [2024-03-19] (Microsoft Studios)
B9ECED6F.ScreenPadMaster -> C:\Program Files\WindowsApps\B9ECED6F.ScreenPadMaster_3.1.29.0_x64__qmba6cd70vzyy [2024-04-02] (ASUSTeK COMPUTER INC.)
Commandos 3 - HD Remaster -> C:\Program Files\WindowsApps\KalypsoMediaGroup.Commandos3-HDRemasterWin_1.17.0.0_x64__e60j8nnj33ga6 [2023-02-19] (Kalypso Media Group)
Crusader Kings III -> C:\Program Files\WindowsApps\ParadoxInteractive.ProjectTitus_1.0.614.0_x64__zfnrdv2de78ny [2024-03-29] (Paradox Interactive)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-03-21] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.21.269.0_x64__rz1tebttyb220 [2024-03-21] (Dolby Laboratories)
Football Manager 2024 -> C:\Program Files\WindowsApps\SportsInteractive.FootballManager2024_0.9.392.0_x64__5w3tn6tb6stnm [2024-02-29] (Sports Interactive)
Football Manager 2024 Editor -> C:\Program Files\WindowsApps\SportsInteractive.FootballManager2024Editor_0.9.35.2_x64__5w3tn6tb6stnm [2024-02-29] (Sports Interactive)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.23.0_neutral__8xx8rvfyw5nnt [2024-03-28] (Instagram)
McAfee® Security -> C:\Program Files\McAfee\WPS\1.11.279.1 [2024-01-20] ()
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-14] (Microsoft Corporation)
Microsoft.Windows.Ai.Copilot.Provider -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-06] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24022.90.0_x64__cw5n1h2txyewy [2024-03-26] (Microsoft Windows) [Startup Task]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.9.0_x64__qmba6cd70vzyy [2024-04-02] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-03-26] (NVIDIA Corp.)
ProArt Creator Hub -> C:\Program Files\WindowsApps\B9ECED6F.ProArtCreatorCenter_2.1.8.0_x64__qmba6cd70vzyy [2024-03-21] (ASUSTeK COMPUTER INC.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2023-01-14] (Realtek Semiconductor Corp)
Return to Monkey Island -> C:\Program Files\WindowsApps\DevolverDigital.ReturntoMonkeyIslandXBSeriesXS_1.1.1.0_x64__6kzv4j18v0c96 [2023-02-11] (Devolver Digital)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.128.7221.0_x64__8wekyb3d8bbwe [2024-03-23] (Microsoft Studios)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-03-23] (Spotify AB) [Startup Task]
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2024-03-28] (Bytedance Pte. Ltd.)
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-02-05] (Microsoft Corp.)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.70.1338.0_x64__8wekyb3d8bbwe [2024-03-14] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.70.1338.0_x64__8wekyb3d8bbwe [2024-03-17] (Microsoft Corp.)
Windows App Runtime DDLM 4000.1082.2259.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x6_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-02-05] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x8_4000.1082.2259.0_x86__8wekyb3d8bbwe [2024-02-05] (Microsoft Corporation)
Windows App Runtime DDLM 5001.58.448.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.5001.58.448.0-x6_5001.58.448.0_x64__8wekyb3d8bbwe [2024-03-05] (Microsoft Corporation)
Windows App Runtime DDLM 5001.58.448.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.5001.58.448.0-x8_5001.58.448.0_x86__8wekyb3d8bbwe [2024-03-05] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-06] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-01-11] (win.rar GmbH)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\jj_ru\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\jj_ru\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23334.11\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{92a10339-c580-dfd8-94c3-030311ba18f4}\localserver32 -> C:\ProgramData\ASUS\AsusSurvey\AsusSurvey.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
CustomCLSID: HKU\S-1-5-21-4134028696-356119575-3157283003-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\jj_ru\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.11.279.1\mc-ctxmnu.dll [2024-01-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Ningún archivo
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_6748734245be2098\nvshext.dll [2023-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.11.279.1\mc-ctxmnu.dll [2024-01-20] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2024-03-03] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2024-03-03] (Electronic Arts -> On2.com)
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\jj_ru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\jj_ru\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Odra - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
==================== Módulos cargados (Lista blanca) =============
2021-10-20 19:14 - 2021-10-20 19:14 - 002048000 _____ () [Archivo no firmado] C:\Program Files (x86)\CheckPoint\Endpoint Connect\xerces-c_3_2.dll
2021-04-11 16:44 - 2021-04-11 16:44 - 000402944 _____ (Codalogic Ltd) [Archivo no firmado] C:\Program Files (x86)\CheckPoint\Endpoint Connect\Watchdog\lmx-MD-vs2017x86.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mc-fw-host => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2021-06-05 14:08 - 2024-03-01 08:27 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jj_ru\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 212.230.135.2 - 212.230.135.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_79754ACD234C1A43BE9E72B9A8756169"
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4134028696-356119575-3157283003-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{316FBCED-D681-4BAC-ACF2-DC7A52CD5C7F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FC0017C4-BED3-4BEB-8642-0D220BF5C48F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E77804E-9858-48A2-A2FC-3F6259ACBEE3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FAB2A0EF-D81E-42D6-8432-13EB53B34615}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4B96C1D0-95D4-4D1B-A575-94A145B213BB}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E18D444C-AF65-4902-B981-DFB1D492F94A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2435F946-D6BC-473E-9166-47B2CC2398CE}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC558813-A872-4484-93FF-F16D9C0030CE}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D034DEA-6249-48D8-8354-F75968000B84}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Ningún archivo
FirewallRules: [{A8355DA3-485B-4920-8DFD-F28C6DC530D0}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Ningún archivo
FirewallRules: [{FCA560F8-EB3E-4AC3-9016-42D725B5F4BE}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Ningún archivo
FirewallRules: [{360B401A-09C3-4F5E-A86E-D2B363ADB9CB}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => Ningún archivo
FirewallRules: [TCP Query User{23C6E99B-18F5-4718-8513-D90D33C89666}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{E7BCA287-6BA8-436D-B7ED-1C44FAFC7AD9}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{1B3CF6DB-B986-49ED-9D69-79E7451DDF32}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
FirewallRules: [{14D8D019-297F-4620-BA82-F2EF85CD7EFE}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
FirewallRules: [TCP Query User{E18D8CC7-9414-4BCE-883D-0704EBE4C613}C:\program files\ea games\fifa 23\fifa23.exe] => (Allow) C:\program files\ea games\fifa 23\fifa23.exe => Ningún archivo
FirewallRules: [UDP Query User{BD836AC7-1F00-4A55-A7DC-78E1951C0E72}C:\program files\ea games\fifa 23\fifa23.exe] => (Allow) C:\program files\ea games\fifa 23\fifa23.exe => Ningún archivo
FirewallRules: [{FE72C398-A5C5-446B-992A-E80A1B761CED}] => (Allow) C:\Users\jj_ru\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{4479A959-F6BD-4DCA-AE22-75FFB3170E44}C:\users\jj_ru\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jj_ru\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{754769FC-CA56-48B9-A3CF-301D6F08D5DB}C:\users\jj_ru\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jj_ru\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13A3935A-3DF8-4369-9ED4-49985084A140}] => (Allow) C:\Users\jj_ru\AppData\Roaming\uTorrent Web\utweb.exe => Ningún archivo
FirewallRules: [{18AC80E6-8069-469A-B3EF-C3D6FF2304FA}] => (Allow) C:\Users\jj_ru\AppData\Roaming\uTorrent Web\utweb.exe => Ningún archivo
FirewallRules: [{02E9570C-C1A0-4F54-99B9-8DBF8529BBCE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0B66E835-F168-4CFF-807F-4F9145EFD743}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{76C0B5D4-0F9A-42BF-A4AC-7B991BC287CE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{3A894E34-8D07-4BFF-BA7B-D8192F2F8D07}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{0868E5F0-B4AD-487A-88D6-72721B320C5A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{FFBC6BDE-95EB-4061-8C54-D51AF9F25836}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{FA6D6EE5-9675-45BC-81AE-6D263B7449EE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Ningún archivo
FirewallRules: [{9C8FBE9E-A097-46C9-B647-F87BEE371DF9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{09AECAE8-CE9C-4E82-ADD9-708595387FAA}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemoteAgent.exe => Ningún archivo
FirewallRules: [{17FAC201-35C2-4A6D-A930-FBE0E5C6D00D}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemoteAgent.exe => Ningún archivo
FirewallRules: [{97BE8884-1CE1-4771-996C-15AF56680D2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7345E9B6-4B49-4E3E-8EE7-95F68A81B1C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9B19CC01-7324-4F5D-B095-F38A2F0C0A24}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4E2FBEF9-48ED-4658-93F4-D7004B65B16F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B579BB18-4663-4DB2-A1DF-4254E042A3EB}] => (Allow) C:\Users\jj_ru\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{303BF069-B86F-4E0C-8EF5-389D5B1644E6}] => (Allow) C:\Users\jj_ru\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo
FirewallRules: [{9F4CAA92-3A1D-4875-8B61-9235B37117B6}] => (Allow) C:\Users\jj_ru\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo
FirewallRules: [{567B2CF8-3C62-4CC0-8602-F6EA635550D7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1005.2701.7380_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9AF42359-1F31-46BF-9244-61EBB539BEE7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1005.2701.7380_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6AE1EFC6-4985-43FA-9DFA-13FE60B0C20D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe => Ningún archivo
FirewallRules: [{454A0664-FF5C-4442-8663-CD3BA3C93709}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe => Ningún archivo
FirewallRules: [{8885B625-B0EA-4AA5-8FAE-18A338821A84}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => Ningún archivo
FirewallRules: [{0BF2FFC5-D4E6-4F63-B132-5BDBC24348EC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => Ningún archivo
FirewallRules: [{6E5A6F2F-2A00-4720-B198-B4524C98918D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => Ningún archivo
FirewallRules: [{9D93B19D-8B4A-4B86-AB1C-162E83018F62}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => Ningún archivo
FirewallRules: [{DDD81C57-4618-4B4B-8CEF-C11FFC71DE73}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => Ningún archivo
FirewallRules: [{EBEB1BA4-C405-4828-A47D-C742880C12C7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => Ningún archivo
FirewallRules: [{354AD176-E9E4-4D4C-8C70-90F3CDA7628C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => Ningún archivo
FirewallRules: [{4688EE21-6CB9-434C-A1F3-7A574EF2E31B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => Ningún archivo
FirewallRules: [{F8BDB30E-D2BD-4C16-AE63-DF111EEB3C9C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe => Ningún archivo
FirewallRules: [TCP Query User{669897E2-08DE-4947-B55B-83A0AF1C5C6F}C:\xboxgames\as dusk falls\content\dusk.exe] => (Allow) C:\xboxgames\as dusk falls\content\dusk.exe (Acceso Denegado) [Archivo no firmado]
FirewallRules: [UDP Query User{9683179C-9113-4606-9FB3-D0B37AF8334F}C:\xboxgames\as dusk falls\content\dusk.exe] => (Allow) C:\xboxgames\as dusk falls\content\dusk.exe (Acceso Denegado) [Archivo no firmado]
FirewallRules: [{D53A37E1-1A49-4F53-842F-1A7AEF28A64E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4864E0DB-652B-49DA-BD2E-604E3DD6935F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7FD75CC7-E476-4403-9AF0-5505EC2AAFC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CE6D7E49-224A-4844-AF47-8994928A00BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5EAF68BC-7923-440B-BDE6-4E7768040DC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7538DC39-9E33-42F2-9FE8-22A7C3BF8FE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EB84B8B4-2B45-498B-9F79-46631E2290A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AE85FF89-C0B1-448E-B90F-39CCB97CA4D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2ACCF6CD-FC1E-4525-889E-6BF1A2B4DAE7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4BFA113D-E4B4-40DF-BE69-2929CF2D925F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{099A8949-F3D5-4F84-96FD-11A8D37787AA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{00AFC850-D3C5-4F09-8787-2D30FAB20E3D}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{30A0B5E7-3F17-4E99-94E2-2B5DA865FFD1}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_c2532b63de827d3d\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{88D65D43-6D5B-4C7B-A22B-90C3528C9062}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF83092B-855E-48D0-BD3B-FD7B9E1112DB}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.9.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{A38668EE-6944-4E6F-AB3C-093A5C802D35}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.9.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{6C3C2A9D-006F-495A-A818-EE003A46D108}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.9.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{AB2EADEF-0C50-4BBE-98EB-A430ED66A528}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.9.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
==================== Puntos de Restauración =========================
02-04-2024 20:21:44 Punto de control programado
02-04-2024 20:21:48 Windows Update
02-04-2024 20:21:49 Windows Update
02-04-2024 20:21:59 Windows Update
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: DAEMON Tools Lite Virtual SCSI Bus
Description: DAEMON Tools Lite Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtlitescsibus
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (04/02/2024 06:33:10 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/02/2024 06:33:08 PM) (Source: Windows App Runtime) (EventID: 1169) (User: )
Description: Event-ID 1169
Error: (04/01/2024 06:33:57 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/01/2024 06:33:57 PM) (Source: Windows App Runtime) (EventID: 1169) (User: )
Description: Event-ID 1169
Error: (03/31/2024 06:13:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/31/2024 06:13:23 PM) (Source: Windows App Runtime) (EventID: 1169) (User: )
Description: Event-ID 1169
Error: (03/29/2024 02:04:46 PM) (Source: Windows App Runtime) (EventID: 1169) (User: )
Description: Event-ID 1169
Error: (03/29/2024 01:14:09 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: El programa mc-wns-client.exe versión 1.11.26.0 dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre este problema, comprueba el historial de problemas en el panel de control de Seguridad y mantenimiento.
Errores del sistema:
=============
Error: (04/02/2024 08:22:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d02: 9N7R5S6B0ZZH-B9ECED6F.ASUSPCAssistant.
Error: (04/01/2024 08:57:57 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Se anularon las instantáneas del volumen C: porque el almacenamiento de instantáneas no pudo crecer debido a un límite impuesto por el usuario.
Error: (04/01/2024 07:02:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d02: 9N7R5S6B0ZZH-B9ECED6F.ASUSPCAssistant.
Error: (04/01/2024 06:36:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d02: 9N7R5S6B0ZZH-B9ECED6F.ASUSPCAssistant.
Error: (04/01/2024 06:35:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d02: 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.
Error: (04/01/2024 06:33:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio McAfee Scheduled Task - (McAfee-Dynamicappdownloader) se cerró con el siguiente error:
Función incorrecta.
Error: (04/01/2024 05:29:23 PM) (Source: DCOM) (EventID: 10010) (User: PCJESUS)
Description: El servidor {F65817C8-DD85-4136-89F0-B9D12939F2C4} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (04/01/2024 05:28:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {7EAD5C10-8B3F-11E6-AE22-56B6B6499611} no se registró con DCOM dentro del tiempo de espera requerido.
Windows Defender:
================
Date: 2024-01-14 22:08:16
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {D3F681E0-2A6C-4BFB-ACCA-812F0779A7A8}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2024-01-14 15:06:58
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {C703D3E1-2B42-4C79-93F5-C14F11ED5A1B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2024-01-10 20:16:12
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {23AEF9E7-5CE0-4F0C-A28A-27B6DD02B16F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2024-01-10 20:07:56
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {B92C9FD7-96A4-409E-9BCF-AF2ACFD21CD2}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2024-01-05 21:35:20
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {BCC1D89C-34E3-430E-9FC8-AA63A6FEAC49}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Event[0]
Date: 2023-09-01 18:31:46
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.397.144.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.23080.2005
Código de error: 0x80070102
Descripción del error: Tiempo de espera de la operación de espera agotado.
Date: 2023-09-01 18:31:46
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.397.144.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.23080.2005
Código de error: 0x80070102
Descripción del error: Tiempo de espera de la operación de espera agotado.
Date: 2023-05-14 20:51:55
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.389.947.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.20300.3
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
CodeIntegrity:
===============
Date: 2024-04-02 23:51:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\WPS\1.11.279.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements.
Date: 2024-04-02 23:50:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\WPS\1.11.279.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements.
==================== Información de la memoria ===========================
BIOS: American Megatrends International, LLC. M6500QC.303 07/15/2022
Placa base: ASUSTeK COMPUTER INC. M6500QC
Procesador: AMD Ryzen 5 5600H with Radeon Graphics
Porcentaje de memoria en uso: 36%
RAM física total: 15775.47 MB
RAM física disponible: 9992.43 MB
Virtual total: 19103.47 MB
Virtual disponible: 10836.18 MB
==================== Unidades ================================
Drive c: (OS) (Fixed) (Total:475.4 GB) (Free:97.52 GB) (Model: HFM512GD3JX013N) (Protected) NTFS
\\?\Volume{551e1a86-77a5-4c2e-8292-bdee5f46edd0}\ (RECOVERY) (Fixed) (Total:1.07 GB) (Free:0.32 GB) NTFS
\\?\Volume{2687e2ec-1005-439e-a28a-f8e6008f0356}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.12 GB) FAT32
\\?\Volume{46a124e3-9520-4984-8b29-7e7ed0f53fe5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: ADA97BD9)
Partition: GPT.
==================== Final de Addition.txt =======================
Hola @RadOdd
Realiza lo siguiente
Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:
Reinicias el ordenador en Modo Normal.
Descargas DelFix en tu escritorio.
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.
Presionas en Run.
Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.
Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
Folder: C:\Program Files (x86)\Common Files\DiagnosticFolder
File: C:\WINDOWS\SysWOW64\vp6vfw.dll
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Ningún archivo)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restricción <==== ATENCIÓN
GroupPolicy: Restricción - Windows Defender <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Ningún archivo)
Task: {F71E55C9-0827-4948-8089-A328539F4A8B} - System32\Tasks\Microsoft\Windows\Bluetooth\Wgxwsm => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58856 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\DiagnosticFolder\PorysSuide\"C:\Program Files (x86)\Common Files\DiagnosticFolder\PorysSuide\imejyzteogjnt.dll" /silent /unregister
C:\Program Files (x86)\Common Files\DiagnosticFolder\PorysSuide\imejyzteogjnt.dll
C:\Program Files (x86)\Common Files\DiagnosticFolder
Task: {D340250D-F62B-4665-B5D8-F4A3A3110F18} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-05] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {6D1DC1C2-3A53-4EB5-AFE5-FD857AAC1E0A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4134028696-356119575-3157283003-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-05] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
S2 ASUSProArtUpdateService; "C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtUpdateService.exe" [X]
S2 AsusScreenXpertHostService; "C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertHostService.exe" [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Ningún archivo
CMD: sfc /scannow
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End::Lo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.
El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.
Finalmente (OJO, en MODO NORMAL):
Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).
Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.
Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.
Reinicias el ordenador en Modo Normal
Luego instala y ejecuta Revo uninstaller
Descarga ZHPCleaner y lo ejecutas siguiendo su manual
Muy Importante Coloca los reportes que te he pedido como se muestra en la siguiente imagen:
Compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.
Saludos
Hola @DanielG, te adjunto los informes:
Primero el FIXLIST.TXT
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
Folder: C:\Program Files (x86)\Common Files\DiagnosticFolder
File: C:\WINDOWS\SysWOW64\vp6vfw.dll
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Ningún archivo)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restricción <==== ATENCIÓN
GroupPolicy: Restricción - Windows Defender <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Ningún archivo)
Task: {F71E55C9-0827-4948-8089-A328539F4A8B} - System32\Tasks\Microsoft\Windows\Bluetooth\Wgxwsm => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58856 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\DiagnosticFolder\PorysSuide\"C:\Program Files (x86)\Common Files\DiagnosticFolder\PorysSuide\imejyzteogjnt.dll" /silent /unregister
C:\Program Files (x86)\Common Files\DiagnosticFolder\PorysSuide\imejyzteogjnt.dll
C:\Program Files (x86)\Common Files\DiagnosticFolder
Task: {D340250D-F62B-4665-B5D8-F4A3A3110F18} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-05] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
Task: {6D1DC1C2-3A53-4EB5-AFE5-FD857AAC1E0A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4134028696-356119575-3157283003-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-05] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (la entrada de datos tiene 6 más caracteres).
S2 ASUSProArtUpdateService; "C:\Program Files\ASUS\ProArt Creator Hub\ProArtCreatorHubService\AsusProArtUpdateService.exe" [X]
S2 AsusScreenXpertHostService; "C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertHostService.exe" [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Ningún archivo
CMD: sfc /scannow
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End::Y ahora, el informe del ZHPCleaner
~ ZHPCleaner v2024.3.29.12 by Nicolas Coolman (2024/03/29)
~ Run by jj_ru (Administrator) (08/04/2024 18:08:20)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparar
~ Report : C:\Users\jj_ru\OneDrive\Escritorio\ZHPCleaner (R).txt
~ Quarantine : C:\Users\jj_ru\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 11, 64-bit (Build 22631)
---\\ Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Navegadores de Internet (0)
---\\ Hosts carpeta (1)
~ El archivo hosts es legítimo (1)
---\\ Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Explorador ( Archivos, Carpetas ) (9)
MOVIDO carpeta^: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\History =>.SUP.BrowserHistoric
MOVIDO carpeta: C:\Users\jj_ru\AppData\Local\Microsoft\Edge\User Data\Default\History =>.SUP.BrowserHistoric
MOVIDO carpeta: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
MOVIDO carpeta: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences =>Préférences Chromium
MOVIDO carpeta: C:\Users\jj_ru\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium
MOVIDO archivo: C:\Users\jj_ru\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
MOVIDO archivo: C:\Users\jj_ru\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
MOVIDO archivo: C:\Users\jj_ru\AppData\Local\Mozilla\Firefox\Profiles\65a108cr.default\Cache2 =>.SUP.BrowserCache
MOVIDO archivo: C:\Users\jj_ru\AppData\Local\Mozilla\Firefox\Profiles\8ncxq6f5.default-release\Cache2 =>.SUP.BrowserCache
---\\ Registro ( Claves, Valores, Datos) (5)
BORRADOS dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a230d696-ea94-4d58-a2d0-3bca64a9b8ae}\\NameServer [Bad : 172.17.3.1] =>Hijacker.Browser
BORRADOS dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{253bae56-508f-4db7-bec3-2742a6a2b489}\\DhcpNameServer [Bad : 212.230.135.2 212.230.135.1] =>Hijacker.Browser
BORRADOS dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 212.230.135.2 212.230.135.1] =>Hijacker.Browser
BORRADOS clave*: HKEY_USERS\S-1-5-21-4134028696-356119575-3157283003-1001\SOFTWARE\Classes\AppXq0pwa73vfcn2qdexp8cexcc6qk87xh1r [] =>Adware.Navipromo
BORRADOS valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_E66BC940028D5847782446B77A0FF1F1 ["C:\Program Files\Google\Chrome\Application\chrome] =>PUP.Optional.MyBrowser
---\\ Resumen de elementos en su estación de trabajo (6)
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserHistoric
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserCache
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Adware.Navipromo
https://nicolascoolman.eu/2017/11/01/adware-mybrowser/ =>PUP.Optional.MyBrowser
---\\ Limpieza adicional. (34)
~ Clave de registro Tracing borrados (34)
~ Quitar los antiguos informes de ZHPCleaner. (0)
---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Google Chrome OK
~ Microsoft Edge OK
~ Mozilla Firefox OK
~ Microsoft Internet Explorer OK
~ El sistema ha sido reiniciado.
---\\ STATISTIQUES
~ Items escaneado : 1607
~ Items encontrado : 0
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 10/18
---\\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto
~ Iniciar navegadores con extensiones eliminadas
~ End of clean in 00h00mn41s
---\\ Reporte (2)
ZHPCleaner-[S]-08042024-18_05_39.txt
ZHPCleaner-[R]-08042024-18_09_01.txtAhora mismo parece que todo va bien, estaré atento en estos días y te avisaré con cualquier cosa extraña que vea.
Muchas gracias por tu tiempo, saludos!