The double accent mark virus

Good afternoon. I have spent the whole morning reading your solutions for other users, and I have decided to write to you to see whether you can help me… I have the same problem, and I am terribly afraid because I use this computer for work. I await your instructions. Thank you very much.

The bad thing is that if the solution is not quick, I may have to format the computer completely, since I need it to make transfers, etc.

Hello @allodito, welcome to the forum. Since you are new, I recommend that you read its policies. Not because you have done anything wrong, but so that you know more about how it works.

This type of malware has a certain persistence on the system and will not let itself be removed just like that. Automated or semi-automated tools will not even tickle it. They will not be able to remove it from the system; even if they detect it, they will not be able to deal with this bug. So let's not beat around the bush and get to work… that is, let's go straight in with the heavy artillery.

:one: Disable your antivirus :arrow_forward: How to temporarily disable an antivirus, and any security program you have enabled.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and not anywhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the right version for your computer's architecture (32 or 64 bits). :arrow_forward: How do I know whether my Windows is 32 or 64 bits?

:warning: Once FRST is downloaded, disconnect your computer completely from the Internet (turn off the router) >> Super Important. Right after that, also close any other program you have open.

:two: Farbar Recovery Scan Tool

  1. Run FRST.exe (if you use Windows Vista/7/8 or 10, right-click and select Run as Administrator).

  2. A window with a Disclaimer message will appear; click Si or Yes.

  3. In the program's main window click Analizar/Scan and wait for the scan to finish.

  4. Two logs/reports will appear: Frst.txt and Addition.txt; they will be saved on the desktop.

:three: Re-enable your antivirus and any security program you had enabled. Also reconnect your computer to the Internet.

:four: NEXT REPLY

Paste the FRST and Addition.txt reports. You must post both reports in full, with absolutely all of their content. You will need to split them across several messages if you get an error/warning saying that the report making up the message is too long (more than approx. 50,000 characters).

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not carry out steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it by following our instructions.

:warning: Very Important :warning: Post the different reports I have asked for as shown in the following image:

Regards.

First of all, thank you very much for replying so quickly.

Following your instructions, I have now read all the forum rules…

I would like to let you know that, before getting your reply, I carried out the following steps… I downloaded CCleaner and ran the scan (to be honest, without your instructions, since I had not seen them yet). Also, seeing that the problem did not seem to be solved, I downloaded the Malwarebytes program. I ran the scan as well, and it quarantined 124 files…

After doing this I get the feeling that the problem, as you can see, has been solved, since I can type accents again… Question: do you think the computer has been cleaned completely, or is it better that I follow the steps you mentioned so that you can see it and help me…?

Thanks.

You're welcome @allodito

Perfect :+1:

OK.

Well, it depends on the variant of this type of malware; sometimes they are removed temporarily, but after a while they can come back. Very occasionally they are removed completely, and as a general rule they are not removed just like that, or remnants of this malware can be left on the machine, and it is better that nothing is left.

Not to mention that, having this type of malware, it is quite possible that you have other types of malware on the machine without even knowing it, since they do not have symptoms as obvious as this one, which showed you the double accent. So yes, it is better that you follow my instructions to make sure everything is in order.

So for your next reply, bring me what I asked for from FRST, and I also want you to bring me the Malwarebytes report with the 124 quarantined files. That way I can take a look :eyes:… to see what it has found there.

Regards.

Dear @Marr0n,

Following your instructions, I am sending you the FRST and Addition.txt reports; I hope I am doing it right…

This is the FRST one

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-04-2022
Ejecutado por copem (administrador) sobre ALFONSO (MEDION Akoya P5304 I/C005) (07-04-2022 20:14:16)
Ejecutado desde C:\Users\copem\Desktop
Perfiles cargados: copem
Plataforma: Microsoft Windows 10 Home Versión 21H1 19043.1586 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe ->) (Electronics for Imaging, Inc.) [Archivo no firmado] C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Server.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Logitech Gaming Software\LCore.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(C:\Program Files\Logitech Gaming Software\LCore.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(explorer.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RICOH COMPANY,LTD.) [Archivo no firmado] C:\Program Files\RDS\RMClient\MplHDDisp.exe
(RICOH COMPANY,LTD.) [Archivo no firmado] C:\Program Files\RDS\RMClient\PMCTray.exe
(RICOH COMPANY,LTD.) [Archivo no firmado] C:\Program Files\RDS\RMClient\PMJobCliMsg.exe
(services.exe ->) () [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\ofaApp.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Electronics for Imaging, Inc.) [Archivo no firmado] C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe
(services.exe ->) (Flexera Software, Inc.  -> Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(services.exe ->) (Flexera Software, Inc.  -> Flexera Software, Inc.) C:\Program Files (x86)\EFI\EFILM\lmgrd.exe <2>
(services.exe ->) (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_724e05bd98458fe4\RstMwService.exe
(services.exe ->) (LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.22003.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.22003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmoig.inf_amd64_d5ceaa7015c07460\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (RICOH COMPANY,LTD.) [Archivo no firmado] C:\Windows\System32\PMObserv.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572528 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [JobHisInit] => C:\Program Files\RDS\RMClient\JobHisInit.exe [367616 2007-08-31] (RICOH COMPANY,LTD.) [Archivo no firmado]
HKLM\...\Run: [MplSetUp] => C:\Program Files\RDS\RMClient\MplSetUp.exe [86528 2007-08-31] (RICOH COMPANY,LTD.) [Archivo no firmado]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [357944 2022-02-08] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-05-26] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [499128 2015-05-26] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-03-27] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [FPDU] => C:\Program Files (x86)\FPDU\Fiery Driver Updater.exe [9006056 2019-03-15] (EFI Software (Electronics for Imaging, Inc.) -> Electronics For Imaging, Inc.)
HKLM-x32\...\Run: [uupdate] => C:\ProgramData\wDcLibs\uhelper.exe [512280 2019-11-28] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8146520 2020-06-08] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32350096 2020-07-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\Run: [utweb] => C:\Users\copem\AppData\Roaming\uTorrent Web\utweb.exe [5427840 2020-02-11] (Jenkins Win Client Build CA -> BitTorrent Inc.) [Archivo no firmado]
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\Run: [Spotify] => C:\Users\copem\AppData\Roaming\Spotify\Spotify.exe [22351264 2020-02-24] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\Run: [] =>  [X]
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\Run: [MicrosoftEdgeAutoLaunch_F6CF41A387A974AD3652FAB790F1BDD7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540392 2022-04-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {0e2a6e3b-8f55-11ec-9e44-b8aeedf6b5b5} - "F:\project.exe" 
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {276f95c5-54e3-11eb-9e13-b8aeedf6b5b5} - "F:\EVESO.exe" 
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {279cc090-1d24-11ec-9e33-b8aeedf6b5b5} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {3961e8d2-4dbd-11ec-9e3a-b8aeedf6b5b5} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {4a006997-bd48-11ea-9e0a-b8aeedf6b5b5} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {7464d5f7-bf93-11eb-9e29-b8aeedf6b5b5} - "F:\PC/dgt.exe" 
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {8d76df40-4994-11ea-9dce-b8aeedf6b5b5} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {9c7bfae1-8aef-11eb-9e26-b8aeedf6b5b5} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {9f9e0f5e-39d6-11e6-9bf2-b8aeedf6b5b5} - "G:\LaunchU3.exe" -a
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {a7b8a97c-523f-11ea-9dcf-b8aeedf6b5b5} - "F:\StarUSB.exe" 
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {a8b350dc-9ea7-11e7-9c54-b8aeedf6b5b5} - "F:\autorunner.exe" "kikkoman_Links_2011.exe"
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {b8931535-3970-11ec-9e38-b8aeedf6b5b5} - "F:\laucher.exe" 
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {d8438cee-79d4-11e6-9c0e-b8aeedf6b5b5} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {de0e41df-a5b6-11e7-9c54-b8aeedf6b5b5} - "F:\Empieza_tu_experiencia_SEAT.exe" 
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {e60774ee-1fb9-11ec-9e33-b8aeedf6b5b5} - "F:\cat_gen_es_en.exe" 
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {f5672202-be1b-11eb-9e29-b8aeedf6b5b5} - "explorer.exe" hxxp://www.ruralcentral.es/
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {fe2ead0f-604a-11e9-9d8a-b8aeedf6b5b5} - "F:\StarUSB.exe" 
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\MountPoints2: {feae0518-15f2-11ec-9e31-b8aeedf6b5b5} - "F:\laucher.exe" 
HKLM\...\Windows x64\Print Processors\E320PP64: C:\Windows\System32\spool\prtprocs\x64\E320PP64.dll [58368 2007-11-30] (RICOH COMPANY, LTD.) [Archivo no firmado]
HKLM\...\Windows x64\Print Processors\ricp6Lpp: C:\Windows\System32\spool\prtprocs\x64\ricp6Lpp.dll [2109440 2014-05-28] (RICOH COMPANY, LTD) [Archivo no firmado]
HKLM\...\Windows x64\Print Processors\ricp6Vpp: C:\Windows\System32\spool\prtprocs\x64\ricp6Vpp.dll [2775040 2016-08-01] (RICOH COMPANY, LTD) [Archivo no firmado]
HKLM\...\Windows x64\Print Processors\RPCSPRN: C:\Windows\System32\spool\prtprocs\x64\RC00C1B1.dll [34304 2007-02-14] (RICOH COMPANY, LTD.) [Archivo no firmado]
HKLM\...\Print\Monitors\Adobe PDF Port: C:\Windows\system32\AdobePDF.dll [55872 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55872 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\INF66Blm: C:\Windows\system32\INF66Blm.dll [26112 2007-05-11] (RICOH CO.,Ltd.) [Archivo no firmado]
HKLM\...\Print\Monitors\RIC54Alm: C:\Windows\system32\RIC54Alm.dll [26112 2007-06-06] (RICOH CO.,Ltd.) [Archivo no firmado]
HKLM\...\Print\Monitors\RIC56Llm: C:\Windows\system32\RIC56Llm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\RIC56Vlm: C:\Windows\system32\RIC56Vlm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\rica6Llm: C:\Windows\system32\rica6Llm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\rica6Vlm: C:\Windows\system32\rica6Vlm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\RICOH Language Monitor2: C:\Windows\system32\rc4mon64.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\ricp6Llm: C:\Windows\system32\ricp6Llm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\ricp6Vlm: C:\Windows\system32\ricp6Vlm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\ricu09lm: C:\Windows\system32\ricu09lm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\ricu0ilm: C:\Windows\system32\ricu0ilm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\ricu0slm: C:\Windows\system32\ricu0slm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\SmartDeviceMonitor: C:\Windows\system32\RPNV2MON.DLL [3275776 2013-12-19] (RICOH COMPANY,LTD.) [Archivo no firmado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Fiery Command WorkStation 5.lnk [2016-12-30]
ShortcutTarget: Fiery Command WorkStation 5.lnk -> C:\Program Files (x86)\Fiery\Applications3\Command WorkStation 5\Contents\WinOS\cws.exe (Electronics for Imaging, Inc) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartDeviceMonitor for Client.lnk [2020-06-17]
ShortcutTarget: SmartDeviceMonitor for Client.lnk -> C:\Program Files\RDS\RMClient\PMClient.exe (RICOH COMPANY,LTD.) [Archivo no firmado]

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1E173CE3-6052-4109-B8A2-7EA1D1A9ABD9} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {224D85AA-21F1-4851-A6D6-093CDFE20786} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {23BE5725-19B7-46A0-A059-8B00E5810457} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {2F578290-A956-4F89-87C0-56115C108383} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {31EAE53C-901B-4AC6-B980-8AEC44C1582B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {3773A2DA-10EA-4BAE-8EA8-37BED1C33151} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {4B5411F1-DC48-4D9C-91C8-3E1C63F32AE5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5031332B-0C83-4C33-AB70-134C640D868E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6FF096C4-9028-47E4-8200-2A5925B942EF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D3AD043-D1F4-4E29-9E11-4655F3AA419A} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\copem\Downloads\esetonlinescanner.exe SCHED (Ningún archivo)
Task: {84A39E28-BD3A-4DD6-86EF-56BEFC55E263} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {8D26F438-A38E-4950-9707-A59EE776CDB9} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {9339AF70-2A2A-490C-8655-3F6D1CBA2D7C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\copem\Downloads\esetonlinescanner.exe LOGON (Ningún archivo)
Task: {9C773E3A-BF6E-434C-A453-372AD7AB1424} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9DFFC67B-F5A0-4671-B74E-C9EC7F3B01B7} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6E2B067-DD5A-4C2C-A590-422994686695} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B68CA63A-0F89-49C1-A3AE-0E7E9AFD36A8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BECB70EA-4576-4342-A228-A837E61F1D0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C3D828C3-B719-4752-B7A4-6F354C3CC36A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-04-04] (Google Inc -> Google LLC)
Task: {C5D805D0-A76C-4789-B446-F0CA0612A0B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C70BE0BD-4C2F-48D3-BC85-7424C66415EB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CAAA9F89-48BF-4E73-B8F5-E946E2AC556B} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {CB805C2D-ACDE-4126-94AC-773A8B2134C8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {D4D86BB1-9BA2-49A3-BC43-695C47E2E190} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-04-04] (Google Inc -> Google LLC)
Task: {D6BEA8C2-196A-4609-AB0D-A86E999F4E24} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [85432 2015-06-03] (CyberLink Corp. -> CyberLink Corp.)
Task: {E81A2215-9157-4FAA-ADBC-E4F2E6FF735E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9072D0C-55B1-4147-830E-9B623D3562E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EAB3F2C5-EE28-435D-99D8-C7E8332CEF29} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F19DC954-0736-4A17-AAF0-90282DD3E905} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F9263D6F-99D9-4554-BEDF-D679D8D5A35C} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [3685360 2015-06-04] (Nero AG -> Nero AG)
Task: {FD698DED-6211-4F2D-A182-BFB59639B74F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{4451fe79-5ea5-409e-8b32-8158063b45a1}: [DhcpNameServer] 80.58.61.250 80.58.61.254

Edge: 
=======
DownloadDir: C:\Users\copem\Desktop\Nueva carpeta
Edge Notifications: HKU\S-1-5-21-1502759091-3694474018-589855350-1003 -> hxxps://es-mg42.mail.yahoo.com; hxxps://www.larazon.es
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\copem\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-07]
Edge DownloadDir: Default -> C:\Users\copem\Desktop\Nueva carpeta
Edge Notifications: Default -> hxxps://app.gotowebinar.com; hxxps://es-mg42.mail.yahoo.com; hxxps://honda.mapit.me; hxxps://indeedfinance.com; hxxps://www.elindependiente.com; hxxps://www.facebook.com; hxxps://www.iberdrola.es; hxxps://www.infobae.com; hxxps://www.larazon.es; hxxps://www.merca2.es; hxxps://www.niusdiario.es
Edge HomePage: Default -> hxxp://www.bing.com/?pc=COS2&ptag=D060918-A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
Edge StartupUrls: Default -> "hxxps://es.yahoo.com/","hxxps://tienda.distrisantiago.es/node","hxxps://web.liderpapel.com/es","hxxps://es.mail.yahoo.com/d/folders/1","hxxps://mail.google.com/mail/u/0/?hl=es#inbox","hxxps://www.caixabank.es/particular/home/particulares_es.html#","hxxps://www.bancosantander.es/particulares"
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 1pvpcba5.default-1537172848458
FF ProfilePath: C:\Users\copem\AppData\Roaming\Mozilla\Firefox\Profiles\1pvpcba5.default-1537172848458 [2022-04-07]
FF Notifications: Mozilla\Firefox\Profiles\1pvpcba5.default-1537172848458 -> hxxps://www.pinterest.es; hxxps://www.online-convert.com; hxxps://www.facebook.com; hxxps://www.nulanteskin.com; hxxps://mp3pro.xyz; hxxps://lmt1.espublicaldru.info; hxxps://www.instagram.com; hxxps://www.motocard.com; hxxps://bayfiles.com; hxxps://www.infoautonomos.com; hxxps://swipcar.com; hxxps://web.wallapop.com; hxxps://es.wallapop.com; hxxps://www.elcorreo.com; hxxps://honda.mapit.me; hxxps://web.whatsapp.com
FF Extension: (Sin Nombre) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [no encontrado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-10-06] [Heredado] [no firmado]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG -> Nero AG)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\copem\AppData\Local\Google\Chrome\User Data\Default [2022-04-05]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-05-20] (BattlEye Innovations e.K. -> )
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Archivo no firmado]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-03-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2018-12-13] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EFI ES1000; C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe [11776 2009-10-19] (Electronics for Imaging, Inc.) [Archivo no firmado]
R2 EFI License Manager; C:\Program Files (x86)\EFI\EFILM\lmgrd.exe [1406800 2016-12-30] (Flexera Software, Inc.  -> Flexera Software, Inc.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Archivo no firmado]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Archivo no firmado]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [944720 2020-06-23] (McAfee, LLC -> McAfee, LLC)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Archivo no firmado]
R2 ofaApp; C:\Program Files (x86)\EFI\OFASQ\ofaApp.exe [2252288 2016-12-30] () [Archivo no firmado]
R3 PMObserv; C:\WINDOWS\system32\PMObserv.exe [428544 2013-03-21] (RICOH COMPANY,LTD.) [Archivo no firmado]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-06-08] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoig.inf_amd64_d5ceaa7015c07460\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmoig.inf_amd64_d5ceaa7015c07460\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [136760 2019-05-07] (Alcorlink Corp. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [323584 2012-10-06] (Microsoft Windows Hardware Compatibility Publisher -> SafeNet Inc.)
R3 LGBusEnum; C:\WINDOWS\system32\drivers\LGBusEnum64.sys [39432 2022-03-04] (WDKTestCert builder,132609310927560390 -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore64.sys [68864 2022-03-04] (WDKTestCert builder,132609310927560390 -> Logitech Inc.)
S3 LGVirHid; C:\WINDOWS\system32\drivers\LGVirHid64.sys [26520 2022-03-04] (WDKTestCert builder,132609310927560390 -> Logitech Inc.)
R3 MpKslf440cf43; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F9862C36-629D-4B38-A593-69219C68DD2F}\MpKslDrv.sys [137464 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8287672 2019-01-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-04-07 20:14 - 2022-04-07 20:14 - 000039500 _____ C:\Users\copem\Desktop\FRST.txt
2022-04-07 20:12 - 2022-04-07 20:14 - 000000000 ____D C:\FRST
2022-04-07 19:52 - 2022-04-07 19:52 - 002365440 _____ (Farbar) C:\Users\copem\Desktop\FRST64.exe
2022-04-07 13:56 - 2022-04-07 13:56 - 000158727 _____ C:\Users\copem\Downloads\ALVARITO Y LU CASA MOD1.pdf
2022-04-07 13:56 - 2022-04-07 13:56 - 000157665 _____ C:\Users\copem\Downloads\ALVARITO Y LU CASA.pdf
2022-04-07 13:21 - 2022-04-07 13:21 - 000424735 _____ C:\Users\copem\Downloads\WhatsApp Unknown 2022-04-07 at 13.21.35.zip
2022-04-07 13:21 - 2022-04-07 13:21 - 000121079 ____N C:\Users\copem\Downloads\WhatsApp Image 2022-04-07 at 13.21.29.jpeg
2022-04-07 13:21 - 2022-04-07 13:21 - 000113021 ____N C:\Users\copem\Downloads\WhatsApp Image 2022-04-07 at 13.21.29 (2).jpeg
2022-04-07 13:21 - 2022-04-07 13:21 - 000111115 ____N C:\Users\copem\Downloads\WhatsApp Image 2022-04-07 at 13.21.29 (3).jpeg
2022-04-07 13:21 - 2022-04-07 13:21 - 000078834 ____N C:\Users\copem\Downloads\WhatsApp Image 2022-04-07 at 13.21.29 (1).jpeg
2022-04-07 10:40 - 2022-04-07 10:43 - 000000000 ____D C:\Users\copem\Desktop\Fernando Lara
2022-04-07 10:20 - 2022-04-07 10:21 - 000000000 ____D C:\Users\copem\Desktop\Hoja membrete Angel Arevalo Briones
2022-04-06 11:58 - 2022-04-06 11:58 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2022-04-05 18:05 - 2022-04-07 08:14 - 000000000 ____D C:\Users\copem\AppData\LocalLow\IGDump
2022-04-05 18:05 - 2022-04-05 18:05 - 000000000 ____D C:\Users\copem\AppData\Local\mbam
2022-04-05 18:02 - 2022-04-05 18:02 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-05 17:57 - 2022-04-05 17:57 - 000001960 _____ C:\Users\Public\Desktop\UsbFix Anti-Malware.lnk
2022-04-05 16:53 - 2022-04-05 16:52 - 004860461 _____ (SOSVirus) C:\Users\copem\Desktop\UsbFix_Premium.exe
2022-04-05 10:34 - 2022-04-05 10:34 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-04-05 10:34 - 2022-04-05 10:34 - 000000000 ____D C:\WINDOWS\LastGood
2022-04-05 09:29 - 2022-04-05 09:29 - 000000000 ____D C:\WINDOWS\Panther
2022-04-05 09:20 - 2022-04-05 09:20 - 000000000 _____ C:\WINDOWS\system32\fpfftResultsFile.txt
2022-04-05 09:19 - 2022-04-05 09:19 - 000000000 ____D C:\WINDOWS\system32\DAX3
2022-04-05 09:19 - 2022-04-05 09:19 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-04-05 08:30 - 2022-04-05 08:30 - 000000000 ____D C:\Users\copem\AppData\Roaming\Opera Software
2022-04-04 16:31 - 2022-04-05 19:51 - 000000000 ____D C:\USB File Resc
2022-04-04 14:01 - 2022-04-04 13:55 - 000901276 ____N (Streuner Corporation) C:\Users\copem\Desktop\usb-file-resc_x64 20.0.0.0.exe
2022-03-31 19:05 - 2022-03-31 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-03-27 19:52 - 2022-03-27 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-03-27 19:52 - 2022-03-27 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-03-27 19:52 - 2022-03-27 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-03-27 19:52 - 2022-03-27 19:52 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-03-25 12:08 - 2022-03-31 12:00 - 000000000 ____D C:\Users\copem\OneDrive\Documentos\Marcapaginas fallecimiento maria victoria
2022-03-22 10:15 - 2022-03-29 10:24 - 000309007 ____N C:\Users\copem\Desktop\Retenciones Adecco 2021.pdf
2022-03-18 11:01 - 2022-03-18 11:01 - 000000803 ____N C:\Users\copem\Desktop\cumple Marcos - Acceso directo.lnk
2022-03-18 04:10 - 2022-03-18 04:10 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-03-18 04:10 - 2022-03-18 04:10 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-03-18 04:10 - 2022-03-18 04:10 - 001478392 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-03-18 04:10 - 2022-03-18 04:10 - 001478392 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-03-18 04:10 - 2022-03-18 04:10 - 001467864 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-03-18 04:10 - 2022-03-18 04:10 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-03-18 04:10 - 2022-03-18 04:10 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-03-18 04:10 - 2022-03-18 04:10 - 001209432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-03-18 04:10 - 2022-03-18 04:10 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-03-18 04:10 - 2022-03-18 04:10 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-03-18 04:07 - 2022-03-18 04:07 - 000795728 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-03-18 04:07 - 2022-03-18 04:07 - 000715920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-03-18 04:07 - 2022-03-18 04:07 - 000636504 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-03-18 04:06 - 2022-03-18 04:06 - 002121664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-03-18 04:06 - 2022-03-18 04:06 - 001600680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-03-18 04:06 - 2022-03-18 04:06 - 001529920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-03-18 04:06 - 2022-03-18 04:06 - 001175696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-03-18 04:06 - 2022-03-18 04:06 - 000981672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-03-18 04:06 - 2022-03-18 04:06 - 000712640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-03-18 04:05 - 2022-03-18 04:05 - 008610472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-03-18 04:05 - 2022-03-18 04:05 - 007713856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-03-18 04:05 - 2022-03-18 04:05 - 005101536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-03-18 04:05 - 2022-03-18 04:05 - 002931880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-03-18 04:05 - 2022-03-18 04:05 - 000792232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-03-18 04:05 - 2022-03-18 04:05 - 000456848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-03-18 04:04 - 2022-03-18 04:04 - 005729728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-03-18 04:03 - 2022-03-18 04:03 - 000850064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-03-18 04:02 - 2022-03-18 04:02 - 006458864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-03-17 19:09 - 2022-03-17 19:28 - 000011063 ____N C:\Users\copem\Desktop\Presupuesto Ana de revistas.xlsx
2022-03-17 17:33 - 2022-03-17 17:33 - 000089337 _____ C:\WINDOWS\system32\nvinfo.pb
2022-03-16 14:40 - 2022-03-16 17:31 - 021798572 ____N C:\Users\copem\OneDrive\Documentos\cura diseño estampas.psd
2022-03-15 09:27 - 2022-03-15 09:27 - 000001820 _____ C:\Users\Public\Desktop\iTunes.lnk
2022-03-15 09:27 - 2022-03-15 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-03-15 09:26 - 2022-03-15 09:27 - 000000000 ____D C:\Program Files\iTunes
2022-03-11 10:38 - 2022-03-11 10:38 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 10:37 - 2022-03-11 10:37 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 10:37 - 2022-03-11 10:37 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 10:37 - 2022-03-11 10:37 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-11 10:37 - 2022-03-11 10:37 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 10:27 - 2022-03-11 10:27 - 000000000 ___HD C:\$WinREAgent

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-04-07 20:12 - 2016-11-19 12:36 - 000000000 ____D C:\Users\copem\AppData\LocalLow\Mozilla
2022-04-07 20:03 - 2010-07-12 10:44 - 000000000 ____D C:\Users\copem\Desktop\Nueva carpeta
2022-04-07 19:59 - 2020-04-04 14:46 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-07 19:59 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-07 19:58 - 2018-03-01 10:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-07 19:48 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-07 16:28 - 2020-06-25 19:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-07 14:28 - 2020-06-25 19:34 - 000004218 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E0BC9163-E4B8-4161-A465-688837B6E5E8}
2022-04-07 14:00 - 2016-06-17 12:17 - 000000000 ____D C:\ESCANER
2022-04-07 12:25 - 2016-09-29 09:46 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-07 10:40 - 2016-06-16 19:08 - 000001170 _____ C:\Users\copem\Desktop\Descargas.lnk
2022-04-07 10:37 - 2018-01-12 21:12 - 000000000 ____D C:\Users\copem\Desktop\Cont. de la tienda
2022-04-07 08:11 - 2021-01-25 09:03 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-06 20:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-06 18:28 - 2018-01-12 21:12 - 000000000 ____D C:\Users\copem\Desktop\contabilidad clientes
2022-04-06 11:57 - 2021-10-06 09:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-06 11:57 - 2021-03-13 13:34 - 000000000 ____D C:\Users\Public\Logi
2022-04-06 11:57 - 2016-06-16 18:42 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-06 11:57 - 2016-06-16 18:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-06 11:57 - 2016-06-16 18:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-04-05 18:13 - 2020-06-25 19:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-05 18:13 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-04-05 14:27 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-05 14:27 - 2016-09-29 09:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-04-05 12:34 - 2016-09-29 09:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-04-05 10:46 - 2020-06-25 19:36 - 001772862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-05 10:46 - 2019-12-07 16:55 - 000788380 _____ C:\WINDOWS\system32\perfh00A.dat
2022-04-05 10:46 - 2019-12-07 16:55 - 000155768 _____ C:\WINDOWS\system32\perfc00A.dat
2022-04-05 10:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-05 10:34 - 2018-10-10 12:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-04-05 10:34 - 2018-06-28 09:18 - 000000000 ____D C:\ProgramData\Packages
2022-04-05 10:34 - 2018-05-18 10:43 - 000000000 ____D C:\Users\copem\AppData\Local\D3DSCache
2022-04-05 10:34 - 2018-01-18 10:49 - 000000000 ____D C:\Users\copem\AppData\Local\Packages
2022-04-05 10:34 - 2016-06-16 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-04-05 10:34 - 2016-06-16 17:53 - 000000000 ____D C:\Users\copem\AppData\Local\NVIDIA
2022-04-05 09:19 - 2016-09-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2022-04-05 09:19 - 2016-09-29 09:46 - 000000000 ____D C:\WINDOWS\system32\DAX2
2022-04-05 08:13 - 2020-04-04 14:47 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-04 08:14 - 2020-06-22 08:49 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-02 10:01 - 2014-09-10 18:40 - 000000000 ____D C:\Users\copem\Desktop\Nueva carpeta (2)
2022-04-01 09:45 - 2021-05-24 12:20 - 000000000 ____D C:\Users\copem\Desktop\Nueva carpeta (3)
2022-04-01 08:01 - 2020-06-25 19:34 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-01 08:01 - 2020-06-25 19:34 - 000003528 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-31 19:05 - 2016-06-16 18:15 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-03-31 09:03 - 2021-12-11 09:10 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1502759091-3694474018-589855350-1003
2022-03-31 09:03 - 2020-06-25 19:34 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1502759091-3694474018-589855350-1003
2022-03-31 09:03 - 2020-06-25 19:27 - 000002454 ____N C:\Users\copem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-28 14:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-24 10:10 - 2016-06-16 18:35 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-03-24 09:22 - 2022-01-31 20:31 - 002258408 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-03-24 09:22 - 2022-01-31 20:31 - 000337384 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-03-24 09:22 - 2022-01-31 20:31 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-03-24 09:22 - 2022-01-31 20:31 - 000198120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-03-24 09:22 - 2022-01-31 20:31 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-03-24 09:22 - 2022-01-31 20:31 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-03-24 09:22 - 2022-01-31 20:31 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-03-23 21:13 - 2021-01-25 09:03 - 000601432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-23 21:12 - 2021-01-25 09:03 - 000483664 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-23 17:53 - 2017-06-07 19:11 - 000000000 ____D C:\Users\copem\AppData\Roaming\WhatsApp
2022-03-23 17:52 - 2017-06-07 19:12 - 000000000 ____D C:\Users\copem\AppData\Local\WhatsApp
2022-03-21 13:55 - 2017-10-30 10:28 - 000000000 ____D C:\Users\copem\.afirma
2022-03-19 10:43 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-18 10:51 - 2017-07-14 11:51 - 000078848 ____N C:\Users\copem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-03-18 04:02 - 2019-02-23 11:27 - 007611808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-03-16 09:15 - 2016-06-16 18:15 - 000000000 ____D C:\Users\copem\AppData\Local\Dropbox
2022-03-15 18:15 - 2021-09-28 13:30 - 000000000 ____D C:\Users\copem\OneDrive\Documentos\Amor viviente
2022-03-14 13:18 - 2021-09-28 11:01 - 000000000 ____D C:\Users\copem\OneDrive\Documentos\Restaurante Oktoberfest
2022-03-14 09:37 - 2016-06-24 16:53 - 000000000 ____D C:\Users\copem\AppData\Local\ElevatedDiagnostics
2022-03-11 10:44 - 2020-06-25 19:24 - 002577608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-11 10:43 - 2016-06-16 18:15 - 000001022 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-03-11 10:43 - 2016-06-16 18:15 - 000001018 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-03-11 10:42 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-11 10:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-11 10:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-11 10:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-11 10:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-11 10:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-11 10:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-11 10:42 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-11 10:37 - 2020-06-25 19:25 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-11 10:27 - 2016-06-16 21:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-11 10:22 - 2016-06-16 21:05 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-11 09:57 - 2020-06-25 19:34 - 000003980 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-03-11 09:57 - 2020-06-25 19:34 - 000003748 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-03-10 10:29 - 2021-11-30 13:46 - 000013591 ____N C:\Users\copem\Desktop\TAPA DURA CHANEL STOCK.xlsx
2022-03-09 19:36 - 2018-12-04 12:13 - 000000000 ____D C:\Users\copem\.weasis

==================== Archivos en la raíz de algunos directorios ========

2020-12-03 10:56 - 2021-10-04 08:31 - 000000112 ____N () C:\Users\copem\AppData\Roaming\Prefs. de JP2K (CS6)
2016-10-03 17:59 - 2016-10-03 17:59 - 305520897 ____N () C:\Users\copem\AppData\Local\ACCCx3_8_0_310.zip.aamdownload
2016-10-03 17:59 - 2016-10-03 17:59 - 000003413 ____N () C:\Users\copem\AppData\Local\ACCCx3_8_0_310.zip.aamdownload.aamd
2018-03-14 15:12 - 2018-03-14 15:12 - 000001456 ____N () C:\Users\copem\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2017-07-14 11:51 - 2022-03-18 10:51 - 000078848 ____N () C:\Users\copem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-28 09:19 - 2018-09-28 09:19 - 000000000 ____N () C:\Users\copem\AppData\Local\oobelibMkey.log
2020-08-17 11:02 - 2020-08-17 11:02 - 000007605 ____N () C:\Users\copem\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

And this is the addition.txt

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 05-04-2022
Ejecutado por copem (07-04-2022 20:15:30)
Ejecutado desde C:\Users\copem\Desktop
Microsoft Windows 10 Home Versión 21H1 19043.1586 (X64) (2020-06-25 17:34:27)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-1502759091-3694474018-589855350-500 - Administrator - Disabled)
copem (S-1-5-21-1502759091-3694474018-589855350-1003 - Administrator - Enabled) => C:\Users\copem
DefaultAccount (S-1-5-21-1502759091-3694474018-589855350-503 - Limited - Disabled)
Invitado (S-1-5-21-1502759091-3694474018-589855350-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1502759091-3694474018-589855350-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 22.001.20085 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - Italiano, Español, Nederlands, Português (HKLM-x32\...\{AC76BA86-1040-7D70-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Adobe InDesign 2019 (HKLM-x32\...\IDSN_14_0_3) (Version: 14.0.3 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (32 Bit) (HKLM-x32\...\{7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}) (Version: 15.2 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{82C2A7D9-6BFC-4BED-9EF9-C49780F02C3E}) (Version: 15.5.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.7.2 - Gobierno de España)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-J615W (HKLM-x32\...\{7FB6B1B7-075B-4B7F-BEB6-97584F73C7B5}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Cisco Webex Meetings (HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\ActiveTouchMeetingClient) (Version: 40.2.8 - Cisco Webex LLC)
Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Comprobación de estado de PC Windows (HKLM\...\{75741B4B-FC87-494A-A380-0EBA06DB89F9}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Configurador FNMT (HKLM-x32\...\ConfiguradorFnmt) (Version: 1.0.2 - FNMT-RCM)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.4308 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.4308 - CyberLink Corp.)
DeskTopBinder - SmartDeviceMonitor for Client (HKLM-x32\...\{C138D676-4F0F-4FDE-8BE5-26CFD3566DCD}) (Version: 8.10.1.0 - Ricoh)
DisashopPC (HKLM-x32\...\Disashop_0.1) (Version: 4.1.0 - Disashop)
Dropbox (HKLM-x32\...\Dropbox) (Version: 145.4.4921 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden
EFI Flexera License Manager (remove only) (HKLM-x32\...\EFILM) (Version: 0.9.1.2 - EFI)
eMule (HKLM-x32\...\eMule) (Version:  - )
Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC15014EA700}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Fiery User Software-5.4.0.18 (HKLM-x32\...\{4BF342AD-8CCC-4BFB-BDA7-8EBA32A9A1DF}) (Version: 5.4.0.18 - Electronics For Imaging)
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version:  - Jodix Technologies Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.75 - Google LLC)
Handset WinDriver 1.03.02.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.03.02.00 - Huawei technologies Co., Ltd.)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{1F1C851A-69B1-4FC7-9CB6-061D98E33FA8}) (Version: 12.12.3.5 - Apple Inc.)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
License Activation (remove only) (HKLM-x32\...\OFASQ) (Version: 0.9.3.8 - EFI)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.117 - McAfee, LLC)
M-Factura (HKLM-x32\...\{81E44B4F-0BB7-4BB4-ACC0-AD5FCFBBA38E}) (Version: 06.94.0 - Ikutgroup)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.29 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 99.0 (x64 es-ES)) (Version: 99.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 99.0.0.8124 - Mozilla)
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero 2016 Content Pack (HKLM-x32\...\{006F5CFF-ED35-41AF-9B2A-F52B0F545BF4}) (Version: 17.0.00200 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
NVIDIA Controlador de gráficos 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.17 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Paquete de compatibilidad para 2007 Office system (HKLM-x32\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
PokerStars.es (HKLM-x32\...\PokerStars.es) (Version:  - PokerStars.es)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9225.1 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.)
Spotify (HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\Spotify) (Version: 1.1.26.501.gbe11e53b - Spotify AB)
Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
TP-Link Archer T2U Plus Driver (HKLM-x32\...\{D646A985-33A6-4D98-973F-44CC267BD834}) (Version: 2.1.0 - TP-Link)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
uTorrent Web (HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\utweb) (Version: 1.0.8 - BitTorrent, Inc.)
Web Companion (HKLM-x32\...\{cb2031a0-489b-4ac5-a039-682d271c3ba3}) (Version: 6.0.2270.4122 - Lavasoft)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 100.0.1185.29 - Microsoft Corporation)
WhatsApp (HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\WhatsApp) (Version: 2.2047.11 - WhatsApp)
Wondershare DVD Creator(Build 6.5.4) (HKLM-x32\...\Wondershare DVD Creator_is1) (Version:  - Wondershare Software)
Wondershare Filmora9(Build 9.3.7) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)

Packages:
=========
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-10-25] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-25] (Microsoft Corporation)
Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-12-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-25] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-04-05] (NVIDIA Corp.)
RICOH Class Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHClassDriverUtility_1.4.0.0_neutral__fxme7667cy4q4 [2016-06-16] (Ricoh Company, Ltd.)
RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.7.0.0_x86__fxme7667cy4q4 [2021-02-10] (Ricoh Company, Ltd.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1502759091-3694474018-589855350-1003_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\copem\Dropbox [2016-06-16 18:16]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-27] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-27] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmoig.inf_amd64_d5ceaa7015c07460\nvshext.dll [2022-03-18] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-21] () [Archivo no firmado]

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\copem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\826eb6bfbc2ec989\DisashopPC.lnk -> C:\DisashopPC\Disashop.exe () -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2020-04-06 19:29 - 2009-02-27 16:38 - 000139264 ____R () [Archivo no firmado] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 000663552 _____ () [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\LIBEXPAT.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 000095232 _____ () [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\PocoCrypto.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 001225728 _____ () [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\PocoFoundation.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 000666624 _____ () [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\PocoNet.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 000210432 _____ () [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\PocoNetSSL.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 000333312 _____ () [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\PocoUtil.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 000522240 _____ () [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\PocoXML.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 000224256 _____ () [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\PocoZip.dll
2016-06-16 18:41 - 2007-09-21 10:00 - 000043008 _____ () [Archivo no firmado] C:\Program Files (x86)\WinRAR\rarext64.dll
2018-10-05 10:13 - 2018-10-05 10:13 - 000144896 _____ () [Archivo no firmado] C:\Program Files\Logitech Gaming Software\LAClient\libssh2.dll
2018-10-05 10:13 - 2018-10-05 10:13 - 000077824 _____ () [Archivo no firmado] C:\Program Files\Logitech Gaming Software\LAClient\zlib.dll
2020-04-06 19:29 - 2005-04-22 06:36 - 000143360 _____ () [Archivo no firmado] C:\WINDOWS\system32\BrSNMP64.dll
2015-09-24 17:42 - 2015-09-24 17:42 - 000336896 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\es_ES\Acrobat Elements\ContextMenu64.esp
2020-04-06 19:29 - 2009-12-23 15:45 - 000327680 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BrMonitor.dll
2020-04-06 19:29 - 2010-02-05 11:42 - 000180224 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BroSNMP.dll
2020-04-06 19:29 - 2009-12-25 15:08 - 000208896 ____R (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2020-04-06 19:29 - 2011-10-07 14:39 - 000626688 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2020-04-06 19:29 - 2012-07-05 13:32 - 000084480 _____ (Brother Industries, Ltd.) [Archivo no firmado] C:\WINDOWS\system32\BrNetSti.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 000146432 _____ (Electronics For Imaging, Inc.) [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\harmony_core.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 000728064 _____ (Electronics For Imaging, Inc.) [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\harmony_efim.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 002019840 _____ (Electronics For Imaging, Inc.) [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\harmony10.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 004579328 _____ (Flexera Software, Inc.) [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\ofaApp_FNP.dll
2016-12-30 13:24 - 2004-04-06 05:10 - 000499712 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\MSVCP71.dll
2016-12-30 13:24 - 2004-04-06 05:10 - 000348160 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\MSVCR71.dll
2003-04-03 19:05 - 2003-04-03 19:05 - 000024576 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\3082\mdmui.dll
2006-10-26 13:44 - 2006-10-26 13:44 - 000123904 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\csm.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000247296 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2013-10-03 03:16 - 2007-05-11 03:43 - 000026112 _____ (RICOH CO.,Ltd.) [Archivo no firmado] C:\WINDOWS\System32\INF66Blm.dll
2013-08-19 02:14 - 2007-06-06 02:32 - 000026112 _____ (RICOH CO.,Ltd.) [Archivo no firmado] C:\WINDOWS\System32\RIC54Alm.dll
2017-01-03 20:08 - 2014-05-28 19:35 - 002109440 _____ (RICOH COMPANY, LTD) [Archivo no firmado] C:\WINDOWS\system32\spool\PRTPROCS\x64\ricp6Lpp.dll
2018-05-29 11:50 - 2016-08-01 09:52 - 002775040 _____ (RICOH COMPANY, LTD) [Archivo no firmado] C:\WINDOWS\system32\spool\PRTPROCS\x64\ricp6Vpp.dll
2020-06-17 12:27 - 2009-03-13 15:57 - 000073728 _____ (RICOH COMPANY, LTD.) [Archivo no firmado] C:\WINDOWS\System32\rpnv2ES.dll
2016-06-16 20:14 - 2007-11-30 08:54 - 000058368 _____ (RICOH COMPANY, LTD.) [Archivo no firmado] C:\WINDOWS\system32\spool\PRTPROCS\x64\E320PP64.dll
2016-11-02 09:01 - 2007-02-14 16:08 - 000034304 _____ (RICOH COMPANY, LTD.) [Archivo no firmado] C:\WINDOWS\system32\spool\PRTPROCS\x64\RC00C1B1.dll
2020-06-17 12:27 - 2008-07-28 12:06 - 000438272 ____N (RICOH COMPANY,LTD.) [Archivo no firmado] C:\Program Files\RDS\RMClient\PMClES.dll
2020-06-17 12:27 - 2008-06-04 14:42 - 000019968 _____ (RICOH COMPANY,LTD.) [Archivo no firmado] C:\WINDOWS\PMApiES64.dll
2020-06-17 12:27 - 2010-03-04 15:19 - 001488384 _____ (RICOH COMPANY,LTD.) [Archivo no firmado] C:\WINDOWS\PMCApi64.dll
2020-06-17 12:27 - 2012-09-04 09:57 - 000490496 _____ (RICOH COMPANY,LTD.) [Archivo no firmado] C:\WINDOWS\PMCCom64.dll
2020-06-17 12:27 - 2010-03-04 15:17 - 000166912 _____ (RICOH COMPANY,LTD.) [Archivo no firmado] C:\WINDOWS\PMCMisc64.dll
2020-06-17 12:27 - 2013-12-19 18:33 - 000834048 _____ (RICOH COMPANY,LTD.) [Archivo no firmado] C:\WINDOWS\System32\rpnv2job.dll
2020-06-17 12:27 - 2013-12-19 18:33 - 003275776 _____ (RICOH COMPANY,LTD.) [Archivo no firmado] C:\WINDOWS\System32\RPNV2MON.DLL
2018-10-05 10:13 - 2018-10-05 10:13 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\LAClient\LIBCURL.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 001019392 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\LIBEAY32.dll
2016-12-30 13:32 - 2016-12-30 13:32 - 000209920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\EFI\OFASQ\SSLEAY32.dll
2018-10-05 10:13 - 2018-10-05 10:13 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\LAClient\LIBEAY32.dll
2018-10-05 10:13 - 2018-10-05 10:13 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\LAClient\SSLEAY32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\ssleay32.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\copem\Desktop\Nueva carpeta:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\copem\Desktop\pedidos de curso:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [444]

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://ib.adveovision.net/webapp/wcs/stores/servlet/es/adveo-es
hxxp://www.liderpapel.com/es
hxxps://es-mg42.mail.yahoo.com/neo/launch?.rand=5s8l4ho2f17e4
hxxps://www.bankia.es/
hxxps://particulares.gruposantander.es/SUPFPA_ENS/BtoChannelDriver.ssobto?dse_operationName=NavLoginSupernet&dse_parentContextName=&dse_processorState=initial&dse_nextEventName=start&_ga=1.106559363.1875050394.1466095550
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1502759091-3694474018-589855350-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-05-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-06-23] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-06-23] (McAfee, LLC -> McAfee, LLC)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_181-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0018-0000-00181-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_181-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_181-windows-i586.cab
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Ningún archivo

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2015-07-10 13:04 - 2020-12-03 12:57 - 000001128 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1 na1r.services.adobe.com 
127.0.0.1 hlrcv.stage.adobe.com 
127.0.0.1 lmlicenses.wip4.adobe.com 
127.0.0.1 lm.licenses.adobe.com 
127.0.0.1 genuine.adobe.com 
127.0.0.1 prod.adobegenuine.com 

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\PROGRA~2\Fiery\APPLIC~1\COMMON~1\EFI;C:\PROGRA~2\Java\jre6\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\PROGRA~2\COMMON~1\EFI;C:\PROGRA~2\COMMON~1\EFI\EFIES-~1;C:\Program Files (x86)\Common Files\Apple\Internet Services\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\AutoFirma\AutoFirma;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\copem\OneDrive\Imágenes\Fondo-de-pantalla-de-Windows-10.png
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\StartupFolder: => "Fiery Command WorkStation 5.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1502759091-3694474018-589855350-1003\...\StartupApproved\Run: => "Spotify"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{E55F0685-DAF8-43C6-AE23-DBD7D93498CA}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{40D614E4-CAEE-42F8-8B00-B02200DF6DFE}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{B1B5813E-A17D-4AF2-BB19-4FC2C61D5831}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6466F5E4-37E2-4BBE-A38D-9F0DE6CB0FA4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{36859A32-5617-4260-9A35-91D7F0A0B34A}G:\windowsviewer.exe] => (Block) G:\windowsviewer.exe => Ningún archivo
FirewallRules: [UDP Query User{5F4A5494-E4A5-4AD8-9BB8-96DABC46B06D}G:\windowsviewer.exe] => (Block) G:\windowsviewer.exe => Ningún archivo
FirewallRules: [{F7E26C56-D373-4296-BD7B-862E8A198B17}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{ADDCB5D2-D6B7-4B42-BA11-25FC2F1C30F0}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{A0D40C47-C13B-4539-BED0-A292728F8AA7}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{5AF4CDC7-F753-4ABE-BACD-6E54F28736AD}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{E492347F-DB8C-4CE1-9DC0-CF56CF145BD8}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{6F835403-0F0E-4BA9-B93C-17303FD8E5E8}C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe] => (Allow) C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe (Nero AG -> Nero AG)
FirewallRules: [UDP Query User{AD31C70B-9B8A-4773-8C0C-A1E39980046D}C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe] => (Allow) C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe (Nero AG -> Nero AG)
FirewallRules: [TCP Query User{19FD68CD-DE88-40E1-A9EE-7B99A575E388}C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe] => (Block) C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe (Nero AG -> Nero AG)
FirewallRules: [UDP Query User{7ECE9C54-A88C-460A-85F2-5E483A81953C}C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe] => (Block) C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{75D85A48-FB6D-4712-B0AE-7809AEF9D70D}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3EABBFD4-1354-4F25-ABCF-958F379C7BB9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F41DC7F-C55E-4332-915B-00454774B86F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{367594FC-0A9B-48AE-8443-7FBB8B0F8BD8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52D79D8A-5ED4-4E7E-B9E3-D9CA8E3092D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ACE5F00F-399B-46E2-B482-EF44ADF2DD70}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{3ED2A000-E0E8-49C9-8DC6-0B232B0683A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{44C11A79-D946-40E5-BB3D-841D745C2DFD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.29\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Puntos de Restauración =========================

06-04-2022 08:35:16 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/07/2022 07:48:02 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (04/05/2022 08:13:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46500

Error: (04/05/2022 08:13:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46500

Error: (04/05/2022 08:13:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/05/2022 08:12:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30953

Error: (04/05/2022 08:12:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 30953

Error: (04/05/2022 08:12:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/05/2022 08:12:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15469


Errores del sistema:
=============
Error: (04/05/2022 08:13:19 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Se eliminaron las instantáneas del volumen C: porque el almacenamiento de instantáneas no se completó a tiempo. Considere reducir la carga de E/S en el sistema o elija un volumen de almacenamiento de instantáneas del que no se esté haciendo una instantánea.

Error: (04/05/2022 06:13:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio hardlock no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (04/05/2022 06:13:43 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: hardlock.sys

Error: (04/05/2022 06:13:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio LMS no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/05/2022 06:13:29 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (04/05/2022 05:31:09 PM) (Source: DCOM) (EventID: 10000) (User: ALFONSO)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"2147942767"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (04/05/2022 05:14:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Installer terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (04/05/2022 05:06:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio hardlock no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador


Windows Defender:
================
Date: 2022-04-05 16:00:42
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/Bandoo&threatid=312045&enterprise=0
Nombre: PUADlManager:Win32/Bandoo
Id.: 312045
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_D:\Helen 2\MTL\2021\DOCUMENTOS MAC\01 MTL\Oper MTL\Iglesia\Descargas\iLividSetupV1(1).exe; file:_D:\Helen 2\MTL\ORDENADOR GUARDAR\Documents\DOCUMENTOS\01 MTL\Oper MTL\Iglesia\Descargas\iLividSetupV1(1).exe; file:_F:\MTL\2021\DOCUMENTOS MAC\01 MTL\Oper MTL\Iglesia\Descargas\iLividSetupV1(1).exe; file:_F:\MTL\ORDENADOR GUARDAR\Documents\DOCUMENTOS\01 MTL\Oper MTL\Iglesia\Descargas\iLividSetupV1(1).exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: ALFONSO\copem
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.361.1350.0, AS: 1.361.1350.0, NIS: 1.361.1350.0
Versión de motor: AM: 1.1.19000.8, NIS: 1.1.19000.8

Date: 2022-04-05 15:29:35
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/Bandoo&threatid=312045&enterprise=0
Nombre: PUADlManager:Win32/Bandoo
Id.: 312045
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_D:\Helen 2\MTL\2021\DOCUMENTOS MAC\01 MTL\Oper MTL\Iglesia\Descargas\iLividSetupV1(1).exe; file:_F:\MTL\2021\DOCUMENTOS MAC\01 MTL\Oper MTL\Iglesia\Descargas\iLividSetupV1(1).exe; file:_F:\MTL\ORDENADOR GUARDAR\Documents\DOCUMENTOS\01 MTL\Oper MTL\Iglesia\Descargas\iLividSetupV1(1).exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: ALFONSO\copem
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.361.1350.0, AS: 1.361.1350.0, NIS: 1.361.1350.0
Versión de motor: AM: 1.1.19000.8, NIS: 1.1.19000.8

Date: 2022-04-05 14:55:31
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/Bandoo&threatid=312045&enterprise=0
Nombre: PUADlManager:Win32/Bandoo
Id.: 312045
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_F:\MTL\2021\DOCUMENTOS MAC\01 MTL\Oper MTL\Iglesia\Descargas\iLividSetupV1(1).exe; file:_F:\MTL\ORDENADOR GUARDAR\Documents\DOCUMENTOS\01 MTL\Oper MTL\Iglesia\Descargas\iLividSetupV1(1).exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: ALFONSO\copem
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.361.1350.0, AS: 1.361.1350.0, NIS: 1.361.1350.0
Versión de motor: AM: 1.1.19000.8, NIS: 1.1.19000.8

Date: 2022-04-05 14:38:59
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/Bandoo&threatid=312045&enterprise=0
Nombre: PUADlManager:Win32/Bandoo
Id.: 312045
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_F:\MTL\ORDENADOR GUARDAR\Documents\DOCUMENTOS\01 MTL\Oper MTL\Iglesia\Descargas\iLividSetupV1(1).exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: ALFONSO\copem
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.361.1350.0, AS: 1.361.1350.0, NIS: 1.361.1350.0
Versión de motor: AM: 1.1.19000.8, NIS: 1.1.19000.8

Date: 2022-04-05 14:01:50
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/Bandoo&threatid=312045&enterprise=0
Nombre: PUADlManager:Win32/Bandoo
Id.: 312045
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_F:\MTL\ORDENADOR GUARDAR\Documents\DOCUMENTOS\01 MTL\Oper MTL\Iglesia\Descargas\iLividSetupV1(1).exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: ALFONSO\copem
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.361.1350.0, AS: 1.361.1350.0, NIS: 1.361.1350.0
Versión de motor: AM: 1.1.19000.8, NIS: 1.1.19000.8

CodeIntegrity:
===============
Date: 2022-04-07 13:27:09
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\Adobe\AdobeGCClient\HDPIM.dll that did not meet the Microsoft signing level requirements.

Date: 2022-04-07 08:22:51
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 110H4W0X.111 12/14/2017
Placa base: MEDION H110H4-CM2
Procesador: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Porcentaje de memoria en uso: 52%
RAM física total: 8144.46 MB
RAM física disponible: 3854.1 MB
Virtual total: 10320.46 MB
Virtual disponible: 4347.42 MB

==================== Unidades ================================

Drive c: (Boot) (Fixed) (Total:117.53 GB) (Free:1.79 GB) NTFS
Drive d: (Data) (Fixed) (Total:871.51 GB) (Free:369.71 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:42.61 GB) NTFS

\\?\Volume{0e943437-0c78-43a9-a1d4-06cd41a4c771}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS
\\?\Volume{a4d42525-3421-4cbe-ae30-946e464dc643}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DF1E0152)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: DF1E013A)

Partition: GPT.

==================== Final de Addition.txt =======================

The only thing is, you also ask me for the Malwarebytes report. Let me explain: once I ran the program I deleted it, and the truth is I don't know how (in case I still can) to recover/access that report… if I still can and you would be so kind as to tell me how to access it, I'll gladly send it to you…

Thank you very much for everything… I await your instructions…

2 Likes

Excuse me, can I also send my FRST and Addition? I followed all the instructions and I need to remove this virus as soon as possible, if it's not too much trouble.

@Marr0n I'm just writing so you know that I'm very interested in your help… so I await your instructions. I'm aware that Holy Week has been in between and that you'll be busy with your work… so I thank you in advance for your time… Regards.

1 Like

Hello @allodito, yes, correct.

You'll have it this Thursday night, and yes, between work and Holy Week… these are complicated days. But don't worry, we'll get it sorted.

Regards and good night.

1 Like

Hello, I was wondering if I can also send my reports; it's the only computer I have for school and I want to get rid of that malware.

Good morning @Marr0n, I wanted to ask whether you have been able to look at the reports I sent you, or whether you will be able to look at them soon. Of course I understand that you have no obligation to do so, and that I've probably caught you at a very busy time at work, so thank you in advance for the time you've invested and the time you may yet invest in this. The thing is that, so far, I've been getting by making transfers from my mobile phone, as well as some other work, but I can't put it off any longer; if you don't find the chance to look at it, much to my regret I'll have to take the risk (given that the tilde thing no longer happens and I imagine it may have disappeared, for the most part at least).

Thanks again, and I'm sorry for the pressure which, on the other hand and never better said… is unpaid.