Virus Windows Host Process rundll32

M1X0 · 24 Junio, 2024 07:49

Primero de todo mis disculpas por no haber dicho nada. Digamos que estos días he tenido unos contratiempos importantes que aún no están resueltos, pero bueno, vamos allá.

OK.

Ok, no es recomendable usar VPNs gratuitas más tarde cuando hayamos desinfectado la máquina te comentaré el porqué digo esto.

OK perfecto, pero no hemos acabado, tenemos que encargarnos de más cosas y puede ser que aún tengas malware en tu máquina.

El fixlog tiene buena pinta, pero tenemos que seguir.

Seguimos:

EN BUSCA / ELIMINACIÓN DE MALWARE

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64 bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Farbar Recovery Scan Tool

Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas clic derecho y seleccionas Ejecutar como Administrador).
Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Sí o Yes.
En la ventana principal del programa, presionas sobre Analizar/Scan y esperas a que finalice el análisis.
Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.

PRÓXIMA RESPUESTA

Pegas los reportes de FRST.txt y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 caracteres aprox.).

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

No realices pasos/acciones que NOSOTROS no te hayamos indicado.

No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.

No instales NADA (programas/software/complementos/extensiones del navegador…).

No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).

No realices por tu cuenta otros procedimientos.

Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

Makedish · 28 Junio, 2024 07:17

Buenas @M1X0 aquí adjunto el FRST.txt y el Addition.txt

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 23.06.2024
Ejecutado por Bruno Càceres (administrador) sobre LAPTOP-5VT466CM (LENOVO 80E5) (27-06-2024 23:21:09)
Ejecutado desde C:\Users\erika\Desktop\FRST64.exe
Perfiles cargados: Bruno Càceres
Plataforma: Microsoft Windows 10 Home Single Language Versión 22H2 19045.4529 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) (04797BBC-C7BB-462F-9B66-331C81E27C0E -> TranslucentTB Open Source Developers) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2024.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\Microsoft.SharePoint.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\backup\74229A4E-44F6-4D87-B233-7CB44961342D\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-05-24] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => %LOCALAPPDATA%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Ningún archivo)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Ningún archivo)
HKLM-x32\...\Run: [REDRAGON M711 Gaming Mouse] => C:\Program Files (x86)\REDRAGON M711 Gaming Mouse\hid.exe [965120 2019-02-21] () [Archivo no firmado]
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37495272 2024-04-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4905376 2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4407656 2024-06-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [Discord] => C:\Users\erika\AppData\Local\Discord\Update.exe [1525016 2023-02-13] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [72122128 2024-06-20] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Print\Monitors\HP E211 Status Monitor: C:\WINDOWS\system32\hpinkstsE211LM.dll [383496 2014-12-18] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\126.0.6478.127\Installer\chrmstp.exe [2024-06-26] (Google LLC -> Google LLC)

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {30BD3F96-A4B2-4BE7-96DB-1C40986E403A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5683696 2024-06-12] (Microsoft Windows -> Microsoft Corporation)
Task: {577BE025-4DB9-44CD-8282-F01CF4AA6C0D} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{97A0438A-0E8B-42EC-84F4-AD924944A913} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {D64A4740-B8DB-4D7D-9672-0A80E1DD300C} - System32\Tasks\HidHide_Updater => C:\Program Files\Nefarius Software Solutions\HidHide\HidHide_Updater.exe [1041856 2022-06-27] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.) -> C:\Program Files\Nefarius Software Solutions\HidHide\\/silent
Task: {BC98A26F-969B-4D6E-98A9-A38EB6F6A4C3} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe [855664 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
Task: {538A8C8A-9C08-41C7-AE55-FD843E3DC7AD} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {02D39F96-DBD4-45C0-83C7-43FF986CA42C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {DC3A0751-56A8-4799-9E31-036A6A802B41} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {CC4B2C3B-7EC2-444C-BA7D-0852E812B406} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\40114c1f-a585-476c-ae14-acd30f1d8db1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {01380A35-8780-4B5B-BE5B-202B051A4B52} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\af6f8b41-ce0a-4f2b-9941-c42c4e325d8e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {D21E7F9D-8349-49E7-A752-32DDC6CF7D28} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e988edd3-5d9b-4f18-b563-c478c7c0ddc9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {A4CAE2E0-691D-4C88-B673-1A2F002F4A7E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\effe026a-925f-4a44-a154-e241bdc1a55a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {725E65E3-C552-48C3-A0AC-CDBDEBEECAED} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f22f7875-21db-46d9-92eb-1a1546fa5119 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {C5596AE5-6070-47D0-B93C-D68464FF546B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499424 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B9E2072-6102-4DE0-9157-FFDEC7F4C5D4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499424 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3BFFEE0D-BACB-493E-9120-46033441DA6F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {79586489-A685-489E-A552-377AC6B87244} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {C04B626F-79E8-4BC2-9B8A-3AC65C0709D9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169648 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9B0ACE5-C975-48F4-B4F6-4FF1574782E1} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4452032 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D7A0228-D4C6-498B-80AA-DD08AAB0E7F4} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\System32\rundll32.exe [71680 2024-05-14] (Microsoft Windows -> Microsoft Corporation) -> C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {6BD16445-7185-4EF3-9842-4ECF5ECFE7BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B4348EF8-863B-40ED-B49A-23DC15FC3D59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4F5DC58C-5F3A-49E6-B67C-D2275B41AD29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3F469E7B-87CC-4829-BAB1-91EC2DC48C97} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {79A571A5-545D-4D74-B281-081C39FB5A7C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DD7714F-74FF-4097-B24C-531A5FE0A44A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4099771876-1399699478-3733680322-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {1551E8EE-968B-41CF-9D6B-61656DED790E} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2369544 2024-06-02] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {57E6DDC6-BC21-400C-8E04-73FE7B30067E} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-09-10] (CyberLink Corp. -> CyberLink Corp.)
Task: {8676E4DD-0E2A-444A-9F2F-B3EE416DA877} - System32\Tasks\RunDS4Windows => C:\Users\erika\Downloads\DS4Windows\task.bat [98 2024-06-27] () [Archivo no firmado]

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 200.48.225.130 200.48.225.146
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}: [DhcpNameServer] 200.48.225.130 200.48.225.146
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}: [DhcpDomain] hitronhub.home
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}\6416D696C69616023666022374: [DhcpNameServer] 192.168.18.1
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}\7416C6168797021403330234F6275626367343: [DhcpNameServer] 192.168.2.39
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}\D416B65646963786: [DhcpNameServer] 192.168.158.86
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}\D4F4E44514C46514E4: [DhcpNameServer] 200.48.225.146 200.48.225.130
Tcpip\..\Interfaces\{2dc85b9a-7fa1-4427-a280-6483dd1b2347}\D4F4E44514C46514E4: [DhcpDomain] telefonica.pe
Tcpip\..\Interfaces\{5aec790e-e4be-4623-8058-1c38bbdcab41}: [DhcpNameServer] 200.48.225.130 200.48.225.146
Tcpip\..\Interfaces\{5aec790e-e4be-4623-8058-1c38bbdcab41}: [DhcpDomain] hitronhub.home

Edge: 
=======
Edge Profile: C:\Users\erika\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-11]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\erika\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-05]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\erika\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-09]
Edge Extension: (Edge relevant text changes) - C:\Users\erika\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-05]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\erika\AppData\Local\Google\Chrome\User Data\Default [2024-06-27]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (Documentos de Google sin conexión) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (Hola VPN - Your Website Unblocker) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2024-06-15]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-06-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\erika\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-06-11]
CHR Profile: C:\Users\erika\AppData\Local\Google\Chrome\User Data\Profile 8 [2024-06-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-06-26]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\erika\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-22]
CHR Profile: C:\Users\erika\AppData\Local\Google\Chrome\User Data\System Profile [2024-06-27]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2021-03-21] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012384 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-02-15] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2024-02-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-10] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncHelper.exe [3518896 2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8884840 2024-04-26] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\OneDriveUpdaterService.exe [3858336 2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2369544 2024-06-02] (Overwolf Ltd -> Overwolf LTD)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9685928 2024-05-24] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [11659336 2022-05-28] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
R3 HidHide; C:\WINDOWS\System32\drivers\HidHide.sys [66584 2022-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [135600 2021-08-08] (Shenzhen Yibo Digital Systems Development Co., Ltd. -> EZB Systems, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 UniFairy_x64; C:\WINDOWS\system32\drivers\UniFairy_x64.sys [5198272 2021-11-25] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 unirsdt; C:\WINDOWS\system32\drivers\unirsdt.sys [5835696 2021-11-26] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49664 2022-11-29] (Microsoft Corporation) [Archivo no firmado]
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [41214432 2024-05-24] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S3 xhunter1; C:\Windows\xhunter1.sys [74552 2019-09-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2024-06-27 22:59 - 2024-06-27 22:59 - 002395648 _____ (Farbar) C:\Users\erika\Desktop\FRST64.exe
2024-06-27 15:23 - 2024-06-27 15:23 - 000001426 _____ C:\Users\erika\Desktop\Roblox Player.lnk
2024-06-27 15:22 - 2024-06-27 15:22 - 000001242 _____ C:\Users\erika\Desktop\Roblox Studio.lnk
2024-06-27 15:20 - 2024-06-27 15:20 - 000003322 _____ C:\WINDOWS\system32\Tasks\RunDS4Windows
2024-06-27 15:16 - 2024-06-27 15:16 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-06-25 19:10 - 2024-06-25 19:10 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-06-25 19:09 - 2024-06-25 19:09 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-21 18:52 - 2024-06-21 18:52 - 000000000 ____D C:\ProgramData\obs-studio
2024-06-21 18:14 - 2024-06-21 18:27 - 000003712 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{803C8936-6D25-4509-88C3-C5FA66890235}
2024-06-21 18:14 - 2024-06-21 18:27 - 000003588 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{C2C22679-E5BB-4636-A437-995DEF0E0E01}
2024-06-20 20:10 - 2024-06-20 20:10 - 001502943 _____ C:\WINDOWS\unins000.exe
2024-06-20 20:10 - 2024-06-20 20:10 - 000043810 _____ C:\WINDOWS\unins000.dat
2024-06-20 20:10 - 2024-06-20 20:10 - 000001212 _____ C:\Users\erika\Desktop\REDRAGON M711.lnk
2024-06-20 20:10 - 2024-06-20 20:10 - 000000000 ____D C:\Users\erika\Documents\M711 Gaming Mouse
2024-06-20 20:10 - 2024-06-20 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REDRAGON M711
2024-06-20 20:10 - 2024-06-20 20:10 - 000000000 ____D C:\Program Files (x86)\REDRAGON M711 Gaming Mouse
2024-06-20 20:09 - 2024-06-20 20:09 - 000000000 ____D C:\Users\erika\Downloads\M711_COBRA_CHROMA
2024-06-14 20:55 - 2024-06-14 20:55 - 000000000 ____D C:\Users\erika\AppData\Local\Backup
2024-06-14 20:08 - 2024-06-14 20:08 - 000000000 ____D C:\Users\erika\AppData\Local\PlaceholderTileLogoFolder
2024-06-12 22:21 - 2024-06-12 22:21 - 000072304 _____ (N/A) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2024-06-12 22:03 - 2024-06-12 22:03 - 172293240 _____ (Oracle Corporation) C:\Users\erika\Downloads\jdk-22_windows-x64_bin.exe
2024-06-12 17:48 - 2024-06-12 17:48 - 000000000 ___HD C:\$WinREAgent
2024-06-11 19:03 - 2024-06-11 19:15 - 000060865 _____ C:\Users\erika\Desktop\Fixlog.txt
2024-06-11 18:56 - 2024-06-11 18:56 - 000000256 _____ C:\Users\erika\Desktop\DelFix.txt
2024-06-11 18:56 - 2024-06-11 18:56 - 000000256 _____ C:\DelFix.txt
2024-06-11 18:55 - 2024-06-11 18:56 - 000001065 _____ C:\Users\erika\Desktop\DelFix.lnk
2024-06-11 18:54 - 2024-06-11 18:54 - 000000000 ____D C:\WINDOWS\ERUNT
2024-06-11 18:23 - 2024-06-11 18:23 - 000000000 ____D C:\ProgramData\Lenovo
2024-06-11 18:15 - 2024-06-11 18:15 - 000797760 _____ C:\Users\erika\Downloads\delfix_1.013.exe
2024-06-10 22:44 - 2024-06-10 22:44 - 000001098 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2024-06-10 22:44 - 2024-06-10 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2024-06-10 22:44 - 2024-06-10 22:44 - 000000000 ____D C:\Program Files\VS Revo Group
2024-06-10 22:34 - 2024-06-10 22:34 - 006970144 _____ (VS Revo Group ) C:\Users\erika\Downloads\revosetup.exe
2024-06-08 01:02 - 2024-06-08 01:02 - 000000000 ____D C:\WINDOWS\system32\%userprofile%
2024-06-06 23:54 - 2024-06-06 23:54 - 000142413 _____ C:\Users\erika\Documents\Informe APA.pdf
2024-06-06 18:59 - 2024-06-06 18:59 - 000747375 _____ C:\Users\erika\Downloads\presentacion proyecto.pdf
2024-06-06 16:48 - 2024-06-06 16:48 - 000195808 _____ C:\Users\erika\Downloads\E02 makedish_organized.pdf
2024-06-06 16:45 - 2024-06-06 16:46 - 000205239 _____ C:\Users\erika\Downloads\E02 makedish.pdf
2024-06-05 00:55 - 2024-06-05 00:55 - 004135807 _____ C:\Users\erika\Downloads\presentacion proyecto.pptx
2024-06-02 16:00 - 2024-06-02 16:00 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-05-29 23:12 - 2024-06-27 23:12 - 000053406 _____ C:\Users\erika\Desktop\Addition.txt
2024-05-29 23:01 - 2024-06-27 23:23 - 000025167 _____ C:\Users\erika\Desktop\FRST.txt

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2024-06-27 23:22 - 2024-05-17 18:54 - 000000000 ____D C:\FRST
2024-06-27 22:47 - 2022-11-30 02:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-27 18:26 - 2023-05-19 19:33 - 000000000 ____D C:\Users\erika\Downloads\DS4Windows
2024-06-27 16:37 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-27 16:37 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-27 15:23 - 2022-10-06 21:23 - 000000000 ____D C:\Users\erika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-06-27 15:20 - 2023-05-19 19:37 - 000000000 ____D C:\Users\erika\AppData\Roaming\DS4Windows
2024-06-27 01:53 - 2022-11-30 02:51 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8ABDF398-D2E6-430F-8065-CD42E94245EE}
2024-06-26 14:15 - 2022-11-29 19:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-26 14:15 - 2017-03-12 11:11 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-06-25 19:12 - 2021-06-17 09:46 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-06-25 19:10 - 2022-11-30 02:51 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4099771876-1399699478-3733680322-1001
2024-06-22 02:04 - 2020-08-17 22:05 - 000000000 ____D C:\Program Files (x86)\Steam
2024-06-22 00:03 - 2020-08-17 22:12 - 000000000 ____D C:\Users\erika\AppData\Local\Steam
2024-06-21 21:58 - 2023-08-19 12:30 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-06-21 21:58 - 2023-08-19 12:30 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2024-06-21 21:58 - 2023-05-19 19:38 - 000001377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HidHide Configuration Client.lnk
2024-06-21 21:58 - 2021-12-25 18:04 - 000000000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite.lnk
2024-06-21 21:58 - 2020-06-12 11:22 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-21 21:56 - 2021-02-17 12:05 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-06-21 21:54 - 2021-02-05 15:55 - 000000000 ____D C:\ProgramData\Riot Games
2024-06-21 18:57 - 2023-08-19 12:30 - 000002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2024-06-21 18:57 - 2023-08-19 12:30 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2024-06-21 18:57 - 2022-12-13 20:17 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-06-21 18:57 - 2022-12-01 17:12 - 000001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2024-06-21 18:57 - 2019-03-21 19:12 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2024-06-21 18:52 - 2023-07-31 15:53 - 000002336 _____ C:\Users\erika\Desktop\Porofessor.gg.lnk
2024-06-21 18:50 - 2023-07-31 15:47 - 000000000 ____D C:\Users\erika\AppData\Local\Overwolf
2024-06-21 16:37 - 2020-05-28 13:23 - 000000000 ____D C:\Users\erika\AppData\Roaming\Zoom
2024-06-20 22:46 - 2023-08-19 12:30 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-06-20 22:24 - 2024-02-22 16:52 - 000000000 ____D C:\Users\erika\AppData\Roaming\riot-client-ux
2024-06-19 19:01 - 2017-02-15 03:24 - 000000000 ____D C:\Users\erika\AppData\Local\Packages
2024-06-17 12:13 - 2017-02-15 03:30 - 000000000 ____D C:\Users\erika\AppData\Roaming\Microsoft\Word
2024-06-16 23:46 - 2023-08-19 12:21 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-15 12:20 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2024-06-14 20:52 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-06-14 20:10 - 2020-02-03 17:04 - 000000000 ____D C:\ProgramData\Packages
2024-06-14 19:00 - 2023-04-04 15:37 - 001776284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-14 19:00 - 2019-12-07 09:55 - 000790520 _____ C:\WINDOWS\system32\perfh00A.dat
2024-06-14 19:00 - 2019-12-07 09:55 - 000156370 _____ C:\WINDOWS\system32\perfc00A.dat
2024-06-14 18:55 - 2023-12-24 01:20 - 000008192 ___SH C:\DumpStack.log.tmp
2024-06-14 18:55 - 2022-11-30 02:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-14 18:55 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-06-13 02:21 - 2019-12-07 04:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-06-13 02:17 - 2022-11-30 02:09 - 000456504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-06-13 02:11 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-06-13 02:11 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-06-13 02:11 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-06-13 02:11 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-06-13 02:11 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-06-13 02:11 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-06-13 02:11 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-06-13 02:11 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-06-13 02:11 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-06-12 22:55 - 2022-12-26 23:54 - 000000000 ____D C:\Users\erika\AppData\Roaming\.minecraft
2024-06-12 22:21 - 2023-11-04 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2024-06-12 22:20 - 2023-11-04 18:22 - 000000000 ____D C:\Program Files\Java
2024-06-12 21:31 - 2024-05-23 21:21 - 000267880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-06-12 21:31 - 2024-04-30 18:40 - 000751208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-06-12 21:31 - 2023-11-04 17:28 - 002799200 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-06-12 21:31 - 2023-11-04 17:28 - 000222824 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-06-12 21:31 - 2023-11-04 17:28 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-06-12 21:31 - 2023-11-04 17:28 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-06-12 21:31 - 2023-11-04 17:28 - 000108024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-06-12 21:31 - 2023-11-04 17:28 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-06-12 20:00 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-12 19:43 - 2022-11-30 02:14 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-06-12 17:18 - 2024-05-01 09:34 - 000000000 ____D C:\Program Files\Riot Vanguard
2024-06-12 00:38 - 2024-03-06 15:18 - 000000000 ____D C:\Program Files\RUXIM
2024-06-11 22:14 - 2017-03-29 18:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-06-11 21:48 - 2017-03-29 18:09 - 199048176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-06-11 19:46 - 2022-11-30 02:51 - 000003840 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2024-06-11 19:14 - 2021-07-19 16:49 - 000000000 ____D C:\Users\erika\AppData\LocalLow\Temp
2024-06-11 19:05 - 2022-11-30 02:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2024-06-11 01:08 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-06-11 00:23 - 2022-11-25 21:45 - 000000000 ___DC C:\WINDOWS\Panther
2024-06-11 00:23 - 2017-03-27 21:06 - 000000000 ____D C:\Users\erika\AppData\Roaming\Microsoft\Excel
2024-06-11 00:23 - 2017-02-15 03:30 - 000000000 ____D C:\Users\erika\AppData\Roaming\Microsoft\Office
2024-06-11 00:00 - 2020-08-15 18:44 - 000000000 ____D C:\Users\erika\AppData\Local\CrashDumps
2024-06-10 19:54 - 2023-07-31 15:51 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-06-08 01:02 - 2020-05-25 12:07 - 000000000 ___RD C:\Users\Default\OneDrive
2024-06-06 23:52 - 2023-03-08 13:30 - 000000000 ____D C:\Users\erika\AppData\Roaming\discord
2024-06-06 23:24 - 2023-03-08 13:29 - 000000000 ____D C:\Users\erika\AppData\Local\Discord
2024-06-06 18:23 - 2023-03-08 13:30 - 000002254 _____ C:\Users\erika\Desktop\Discord.lnk
2024-06-05 00:27 - 2020-02-03 16:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-03 20:09 - 2021-11-16 13:22 - 000000000 ____D C:\Users\erika\AppData\Local\Spotify
2024-06-03 20:05 - 2021-11-16 13:22 - 000000000 ____D C:\Users\erika\AppData\Roaming\Spotify
2024-05-29 14:05 - 2024-02-13 20:03 - 000000000 ____D C:\ProgramData\Package Cache
2024-05-29 14:04 - 2024-03-12 15:11 - 000000000 ____D C:\Program Files\dotnet

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Makedish · 28 Junio, 2024 07:20

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 23.06.2024
Ejecutado por Bruno Càceres (27-06-2024 23:24:55)
Ejecutado desde C:\Users\erika\Desktop
Microsoft Windows 10 Home Single Language Versión 22H2 19045.4529 (X64) (2022-11-30 07:53:31)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-4099771876-1399699478-3733680322-500 - Administrator - Disabled)
Bruno Càceres (S-1-5-21-4099771876-1399699478-3733680322-1001 - Administrator - Enabled) => C:\Users\erika
DefaultAccount (S-1-5-21-4099771876-1399699478-3733680322-503 - Limited - Disabled)
Invitado (S-1-5-21-4099771876-1399699478-3733680322-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4099771876-1399699478-3733680322-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Aplicaciones de Microsoft 365 para empresas - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.17628.20144 - Microsoft Corporation)
Asistente de soporte y recuperación de Microsoft (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\4336df8a13b91f17) (Version: 17.1.495.23 - Microsoft Corporation)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Conexant Audio Filter Agent (HKLM\...\cAudioFilterAgent) (Version: 1.7.83.0 - Conexant Systems)
CPUID CPU-Z 1.99 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.99 - CPUID, Inc.)
CxAudMsg (HKLM\...\CxAudMsg) (Version:  - )
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
Discord (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Discord) (Version: 1.0.9011 - Discord Inc.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Epic Games Launcher (HKLM-x32\...\{3EB077E6-4FDC-4E90-8BCA-FD19BB7624BF}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version:  - Ubisoft)
Forte Config (HKLM\...\ForteConfig) (Version: 1.0.0.0 - Conexant Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 126.0.6478.127 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Grand Theft Auto Vice City versión 1.1 (HKLM-x32\...\Grand Theft Auto Vice City_is1) (Version: 1.1 - Rockstar Games)
Half-Life (HKLM-x32\...\Half-Life_is1) (Version: Half-Life - No Steam - KingSOFT DVD)
HidHide (HKLM\...\{27AF679E-48DB-4B49-A689-1D6A3A52C472}) (Version: 1.2.98 - Nefarius Software Solutions e.U.)
Intel(R) Chipset Device Software (HKLM\...\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}) (Version: 10.1.1.7 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{8B0B53D2-F5B8-4A67-93B0-5960D6ED6186}) (Version: 11.0.0.1153 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{FD37351B-3074-4652-8188-1B3FB784EC4E}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{303C5CD6-2525-49C5-9E49-DBD92F9F63BD}) (Version: 14.5.2.1088 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BC9BA4BE-DA5C-488C-97ED-0BE86C2E69B4}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{224CC1EA-2433-4106-81BA-5D5432B11744}) (Version: 19.30.0.0905 - Intel Corporation) Hidden
Java(TM) SE Development Kit 18.0.2.1 (64-bit) (HKLM\...\{F3A2A837-F83B-5732-97F2-309BE0F51E0C}) (Version: 18.0.2.1 - Oracle Corporation)
Java(TM) SE Development Kit 22.0.1 (64-bit) (HKLM\...\{C88E1536-B969-551C-BD73-956329A6D5B0}) (Version: 22.0.1.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.)
Malwarebytes version 4.6.12.323 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.12.323 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Host - 6.0.31 (x64) (HKLM\...\{59ED1DC1-E3E4-4BC0-B43F-143CCC38FF17}) (Version: 48.124.15198 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.26 (x64) (HKLM\...\{D81A418F-966D-4069-B3E8-5EE4843CA862}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.31 (x64) (HKLM\...\{9992D04E-553E-4BC2-B0EC-4A394DD19986}) (Version: 48.124.15198 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.26 (x64) (HKLM\...\{1A02C1B1-05BB-49F7-9DFF-99A66C6877FC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.31 (x64) (HKLM\...\{0950F07D-F1C4-47A5-AC88-C5FAA5DC564D}) (Version: 48.124.15198 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.68 - Microsoft Corporation)
Microsoft Office Profesional Plus 2021 - es-es (HKLM\...\ProPlus2021Retail - es-es) (Version: 16.0.17628.20144 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.111.0602.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.75.1 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM\...\{1F0EB53C-BE30-436A-BC54-FA364227A870}) (Version: 48.104.6996 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM-x32\...\{b2476903-b8da-4dcc-903f-378730bb4c48}) (Version: 6.0.26.33205 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.31 (x64) (HKLM\...\{EFE53353-800E-4987-B965-1C968D0F23A4}) (Version: 48.124.15242 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.31 (x64) (HKLM-x32\...\{1a7abdc5-639b-4af0-87c6-dbc511750c6e}) (Version: 6.0.31.33720 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
osu! (HKLM-x32\...\{23c196dc-755e-48b2-8502-395cdb5244de}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.251.2.1 - Overwolf Ltd.)
Porofessor.gg (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.7.365 - Overwolf app)
Python 3.11.2 (64-bit) (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\{4d5f29cf-3d3f-455f-bd47-5a52fb830b25}) (Version: 3.11.2150.0 - Python Software Foundation)
Python 3.11.2 Add to Path (64-bit) (HKLM\...\{48E8B3E4-EEE2-4DB3-A518-C2B8A3075B5A}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Core Interpreter (64-bit) (HKLM\...\{0D38B9A4-4312-465D-A472-450BF75A0460}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Development Libraries (64-bit) (HKLM\...\{A15F08D3-26E4-4F0B-BA8B-ED59A52D6A02}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Documentation (64-bit) (HKLM\...\{1F5C7063-8305-4755-A643-32DE2BE966F9}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Executables (64-bit) (HKLM\...\{D6BE8071-9505-4EE4-9E42-916584C2D21C}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 pip Bootstrap (64-bit) (HKLM\...\{6E84DCAA-19DD-4560-AAE7-043EADF5C1F8}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Standard Library (64-bit) (HKLM\...\{6C19B2EE-FA34-4270-A87F-1FF008C1AC6E}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Tcl/Tk Support (64-bit) (HKLM\...\{6F13A394-E3EA-4585-9ADE-046B69F1F902}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Test Suite (64-bit) (HKLM\...\{83C32D05-F3C4-4D61-877E-0A4C6717E7DC}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Utility Scripts (64-bit) (HKLM\...\{6CE85987-8440-409D-BE75-F5128943F67B}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C28EE783-FA9C-4E09-910E-181A4A28C29C}) (Version: 3.11.2150.0 - Python Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
REDRAGON M711 (HKLM-x32\...\{308D16D5-04D3-4581-A245-3B53AEF0AF36}}_is1) (Version:  - )
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for Bruno Càceres (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\roblox-player) (Version:  - Roblox Corporation)
Silent Hill 2 - Directors Cut (HKLM-x32\...\{D3C80E77-E549-4F76-BC07-61DDBD950345}) (Version:  - )
Software Intel® PROSet/Wireless (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\Spotify) (Version: 1.2.37.701.ge66eb7bc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 114.1 - Ubisoft)
UltraISO Premium V9.76 (HKLM-x32\...\UltraISO_is1) (Version: 9.76 - EZB Systems, Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.68 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Chrome apps:
============
Documentos (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\04086a85c7287b7471630d3dc43bd9ef) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\bedcc02b8153db9be242413fb1cb9939) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\7699370b2920fe742c52f7f5a891d06a) (Version: 1.0 - Google\Chrome)
Hojas de cálculo (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\0aedd045b6f2ff9800fcee5c67a5a6e6) (Version: 1.0 - Google\Chrome)
Presentaciones (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\ce0353b511ca3efc1359cc48924bacb5) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\b1fe766b5151ae4302a1fad634ddbb8a) (Version: 1.0 - Google\Chrome)

Packages:
=========

Búsqueda web de Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-03-27] (Microsoft Corporation)
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-29] (Microsoft Corporation)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2024-06-12] (Microsoft Studios)
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2024.1.0.0_x64__v826wp6bftszj [2024-05-23] (Charles Milette) [Startup Task]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-4099771876-1399699478-3733680322-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4099771876-1399699478-3733680322-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2020-07-13] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2020-07-13] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.111.0602.0003_1\FileSyncShell64.dll [2024-06-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2020-07-13] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\erika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Robloxfun36 Push Notification.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=onfcckhbanknhjcdgbmkjkpfnoghnehb
ShortcutWithArgument: C:\Users\erika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\Valeria - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 8"

==================== Módulos cargados (Lista blanca) =============

2015-07-22 03:44 - 2015-07-22 03:44 - 000285184 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-07-22 03:44 - 2015-07-22 03:44 - 000562688 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\HidHide Configuration Client.lnk:B7B9C8BD2D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite.lnk:073005E2F7 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk:C5D586BE93 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3442]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\sharepoint.com -> hxxps://senatipe-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2024-06-11 19:06 - 2024-06-11 19:06 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\erika\Pictures\Fondos de pantalla\fondo 3.png
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: CCSDK => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EQU8_19 => 3
MSCONFIG\Services: GDCAgent => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPPrintScanDoctorService => 2
MSCONFIG\Services: ImControllerService => 2
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: uncheater_bgl => 3
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKLM\...\StartupApproved\Run32: => "REDRAGON M711 Gaming Mouse"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "PhotoMasterImportAgent"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "NZXT.CAM"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "RiotClient"
HKU\S-1-5-21-4099771876-1399699478-3733680322-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_8D4E6D2024FFE84AF89F70F1F149D078"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{3E234945-60CF-4FF3-9CFF-F32FCD0128C2}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{F3C1E643-8B00-4973-9A98-31CF33BE1C64}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{CA02A0B6-0D68-4151-B42A-915E09162CA4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{472FA9E6-0BC8-46FA-8F69-416CFB42E8A4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{43FA9E11-04EF-4274-A47B-BF376E7F52EF}C:\program files\java\jdk-22\bin\javaw.exe] => (Allow) C:\program files\java\jdk-22\bin\javaw.exe
FirewallRules: [UDP Query User{8E5CD771-C24E-4996-A49C-F86BD165C7A5}C:\program files\java\jdk-22\bin\javaw.exe] => (Allow) C:\program files\java\jdk-22\bin\javaw.exe
FirewallRules: [{D36C9D67-65DE-49BC-A44A-4D3053A40FC5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3CE15640-0A6C-48F5-A66F-6F6CD1BFFE46}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ABF42B7C-E984-4EB1-88C7-32230CEC6C58}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FDBE9B5D-1756-4B3F-9AAC-7A9521647870}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97C65D78-B9A7-45F8-A885-2BD67BEEDA53}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63194266-6729-412A-AFE4-B0967DD2EAB3}] => (Allow) C:\Users\erika\AppData\Local\Overwolf\ProcessCache\0.251.2.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1E9A32EB-D416-456D-AA8E-5788706D66F0}] => (Allow) C:\Users\erika\AppData\Local\Overwolf\ProcessCache\0.251.2.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A468054F-7716-4CE4-B1E0-ACCDB2C6DB8A}] => (Block) C:\Users\erika\AppData\Local\Overwolf\ProcessCache\0.251.2.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A2860509-ABEA-45C7-8F02-247B801E2C9C}] => (Block) C:\Users\erika\AppData\Local\Overwolf\ProcessCache\0.251.2.1\pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh\Porofessor.gg.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0505FC70-8482-4767-AE1F-71C756DD54BD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.68\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E5623FDD-9490-40D2-93D9-C2330D4880B6}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F147F505-B618-41A4-9152-79A36F112823}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{68BBC84B-1C56-4962-A186-1CFFDDC04986}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{65FDD872-970B-492D-891B-D7F1D3E71E39}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E6CEDC95-43E5-49D0-B524-40538620594C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

12-06-2024 22:08:23 Installed Java(TM) SE Development Kit 22.0.1 (64-bit)
21-06-2024 12:28:07 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/27/2024 03:16:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x27cc
Hora de inicio de la aplicación con errores: 0x01dac8ceec84cf44
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: dac133cd-04f3-412c-9e4b-e0ce6b5ccd07
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/25/2024 06:34:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x1ed4
Hora de inicio de la aplicación con errores: 0x01dac758410c6aa1
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: 3a51cbf0-7848-4db6-b85f-d7c97685c0d0
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/25/2024 06:28:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x2f98
Hora de inicio de la aplicación con errores: 0x01dac757563ab8bc
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: 89cca19b-abbb-4e84-8667-ef006cc31126
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/21/2024 11:11:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x12dc
Hora de inicio de la aplicación con errores: 0x01dac45a1ac54314
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: 713d4f32-ad3d-486c-8361-94de03fd5222
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/21/2024 05:05:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x15d4
Hora de inicio de la aplicación con errores: 0x01dac4271e4cf739
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: 79738915-ac9c-4d72-a96a-15b38cdbc39d
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/21/2024 04:32:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x10f0
Hora de inicio de la aplicación con errores: 0x01dac42286e4cd55
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: ac873986-8c02-480e-a0d9-7306fe433457
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/20/2024 10:57:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ow-obs.exe, versión: 30.1.2.2, marca de tiempo: 0x66406be3
Nombre del módulo con errores: w32-pthreads.dll, versión: 30.1.2.0, marca de tiempo: 0xd73e5396
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000000358b
Identificador del proceso con errores: 0x26b8
Hora de inicio de la aplicación con errores: 0x01dac38f14d19e1c
Ruta de acceso de la aplicación con errores: C:\Users\erika\AppData\Local\Overwolf\Extensions\ncfplpkmiejjaklknfnkgcpapnhkggmlcppckhcb\253.0.6\obs\bin\64bit\ow-obs.exe
Ruta de acceso del módulo con errores: C:\Users\erika\AppData\Local\Overwolf\Extensions\ncfplpkmiejjaklknfnkgcpapnhkggmlcppckhcb\253.0.6\obs\bin\64bit\w32-pthreads.dll
Identificador del informe: 694c2fc1-bf6a-4a82-a376-d48c06b014a7
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/20/2024 08:41:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_FrameServer, versión: 10.0.19041.4355, marca de tiempo: 0x9ce47784
Nombre del módulo con errores: RsProvider.dll, versión: 1.23.0.0, marca de tiempo: 0x56fb7e54
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000007bded
Identificador del proceso con errores: 0x1f58
Hora de inicio de la aplicación con errores: 0x01dac37c12b6a630
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\svchost.exe
Ruta de acceso del módulo con errores: C:\Program Files\Realtek\RsProviders\RsProvider.dll
Identificador del informe: a68e82d5-c740-4a7a-ad6e-dbb6d4842102
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (06/27/2024 03:26:09 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5VT466CM)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/27/2024 03:17:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Servicio FrameServer de la Cámara de Windows se terminó de manera inesperada. Esto ha sucedido 16 veces.

Error: (06/26/2024 06:38:27 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5VT466CM)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/26/2024 07:18:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80240017: Actualización de inteligencia de seguridad para Microsoft Defender Antivirus - KB2267602 (versión 1.413.519.0) - Canal actual (ampliado).

Error: (06/25/2024 06:35:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Servicio FrameServer de la Cámara de Windows se terminó de manera inesperada. Esto ha sucedido 15 veces.

Error: (06/25/2024 06:31:09 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5VT466CM)
Description: El servidor Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/25/2024 06:29:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Servicio FrameServer de la Cámara de Windows se terminó de manera inesperada. Esto ha sucedido 14 veces.

Error: (06/22/2024 12:03:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Steam Client Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


Windows Defender:
================
Date: 2024-06-27 00:58:11
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {50ED126C-A243-4825-885A-A710BD8FB677}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2024-06-26 01:02:18
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {BBAB6711-E4E8-4D10-B15A-E59D5C9EF634}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2024-06-25 20:43:57
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {1AD73049-D594-4DB7-95E8-F2A91B6997E3}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2024-06-21 00:49:51
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {32D72005-5536-4509-A069-C9A44ECFB986}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2024-06-20 01:06:36
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {37AA0531-F16D-4D4D-A9E3-8058030EDA97}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2024-06-25 18:48:16
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.413.434.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.24050.5
Código de error: 0x80070020
Descripción del error: El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. 

Date: 2024-06-25 18:48:16
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.413.434.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.24050.5
Código de error: 0x80070020
Descripción del error: El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. 

Date: 2024-06-25 18:48:16
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.413.434.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.24050.5
Código de error: 0x80070020
Descripción del error: El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. 

Date: 2024-05-16 01:57:32
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.411.173.0
Versión anterior de inteligencia de seguridad: 1.411.153.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.24040.1
Versión anterior del motor: 1.1.24040.1
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2024-05-16 01:57:32
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.411.173.0
Versión anterior de inteligencia de seguridad: 1.411.153.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.24040.1
Versión anterior del motor: 1.1.24040.1
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===============
Date: 2024-06-16 23:34:29
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Información de la memoria =========================== 

BIOS: LENOVO B0CN97WW 01/08/2016
Placa base: LENOVO Lenovo G50-80
Procesador: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Porcentaje de memoria en uso: 78%
RAM física total: 4011.08 MB
RAM física disponible: 863.42 MB
Virtual total: 8091.8 MB
Virtual disponible: 4274.29 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:885.69 GB) (Free:608.49 GB) (Model: ST1000LM024 HN-M101MBB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.61 GB) (Model: ST1000LM024 HN-M101MBB) NTFS

\\?\Volume{8b043abd-6d0a-44d7-b613-c68f021fed64}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.29 GB) NTFS
\\?\Volume{aabffd7d-6558-411a-a26c-10e545deacf7}\ (LENOVO_PART) (Fixed) (Total:18.6 GB) (Free:5.54 GB) NTFS
\\?\Volume{4b86d8c1-cdc5-4ed6-af8f-7d1bc8f3b801}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D8404FE0)

Partition: GPT.

==================== Final de Addition.txt =======================