Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 09.06.2024
Ejecutado por Gonza_ (administrador) sobre DESKTOP-MUM17FT (10-06-2024 18:17:39)
Ejecutado desde C:\Users\Gonza_\Desktop\FRST64.exe
Perfiles cargados: Gonza_
Plataforma: Microsoft Windows 10 Pro Versión 22H2 19045.4412 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Advanced Micro Devices Inc.) [Archivo no firmado] C:\Program Files (x86)\AMD\CNext\CCCSlim\MOM.exe
(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\AMD\CNext\CCCSlim\MOM.exe ->) (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Program Files (x86)\AMD\CNext\CCCSlim\CCC.exe
(C:\Program Files\Git\git-bash.exe ->) (Thomas Wolff, Andy Koppe) [Archivo no firmado] C:\Program Files\Git\usr\bin\mintty.exe
(C:\Program Files\nodejs\node.exe ->) () [Archivo no firmado] C:\Users\Gonza_\Documents\PoweDumbbell\node_modules\@esbuild\win32-x64\esbuild.exe
(C:\Users\Gonza_\AppData\Local\Programs\Microsoft VS Code\Code.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Gonza_\AppData\Local\Temp\vscode-stable-user-x64\CodeSetup-stable-89de5a8d4d6205e5b11647eb6a74844ca23d2573.exe
(C:\Users\Gonza_\AppData\Local\Programs\Microsoft VS Code\Code.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <2>
(C:\Users\Gonza_\AppData\Local\Temp\vscode-stable-user-x64\CodeSetup-stable-89de5a8d4d6205e5b11647eb6a74844ca23d2573.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Gonza_\AppData\Local\Temp\is-2SNQJ.tmp\CodeSetup-stable-89de5a8d4d6205e5b11647eb6a74844ca23d2573.tmp
(explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <49>
(explorer.exe ->) (Johannes Schindelin -> The Git Development Community) C:\Program Files\Git\git-bash.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Gonza_\AppData\Local\Programs\Microsoft VS Code\Code.exe <17>
(Johannes Schindelin -> ) C:\Program Files\Git\usr\bin\bash.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Oracle America, Inc. -> ) C:\Program Files\MySQL\MySQL Server 8.3\bin\mysqld.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.2.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2405.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4351_none_7e19dc327c844a77\TiWorker.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(WindowsPowerShell\v1.0\powershell.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\nodejs\node.exe <3>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2023-12-15] (JMicron Technology Corp. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restricción <==== ATENCIÓN
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-2147916697-2200963039-3509690774-1000\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2147916697-2200963039-3509690774-1001\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2147916697-2200963039-3509690774-1004\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2147916697-2200963039-3509690774-1004\...\Run: [Microsoft Edge Update] => C:\Users\Gonza_\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateCore.exe [264264 2024-06-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2147916697-2200963039-3509690774-1004\...\Run: [MicrosoftEdgeAutoLaunch_7CC9B2DD419E1B3EBBB2588A03F85027] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136912 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\chrmstp.exe [2024-06-05] (Google LLC -> Google LLC)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) =================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {8365E278-BB76-4B43-9EE2-BFB49E1F3D74} - System32\Tasks\{397AF69F-2633-41C8-B096-0D99EA2DC7A9} => C:\Windows\System32\pcalua.exe [53760 2024-01-03] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Gonza_\Downloads\Marvell_8059_Yukon_Gigabit_V112463_xpvistawin7\Lan\Windows\setup.exe -d C:\Users\Gonza_\Downloads\Marvell_8059_Yukon_Gigabit_V112463_xpvistawin7\Lan\Windows
Task: {E5A3899F-34B0-4B7D-ABBC-681F5AF00F00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {34936013-8BA9-4F3C-A6D3-31EA368E9DE5} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [10219208 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B0DEAAF9-1BC0-431E-A7CB-84DD08C23A54} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{9D299C3A-1207-4F05-90A4-4E9D9C46D49E} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {BB8DF4E3-07CE-4D45-A125-C20FA69DABDF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8A30477-0C7C-468F-9D8B-CAFAEEC379F2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {1EC04369-DD73-4BE7-959A-5ECCE6CF169C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABC1C1D8-1790-4053-A4C3-6560CDDCA5E4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6924F01-07D2-405F-A69E-E1EC5E90862A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169648 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {651F97B8-FD27-4DA6-B50D-B5CBF7C3684E} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4452032 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {26A0033F-7B07-4B81-BB6A-96116A21CEF8} - System32\Tasks\Microsoft\Windows\ErrorDetails\Microsoft.Web.AdministratnapIn.resources => C:\Windows\SysWOW64\rundll32.exe [61440 2024-05-15] (Microsoft Windows -> Microsoft Corporation) -> C:\ProgramData\BridgeApplication\EdnnVpfwer\C:\PROGRA~3\BRIDGE~1\EDNNVP~1\GICWSE~1.DLL,srsssCfmmangr1 <==== ATENCIÓN
Task: {532D7CA1-3909-46B7-AE58-835EF4DB3DC6} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe (Ningún archivo)
Task: {159CA5CB-396D-4E22-A0E9-15E1D5A45929} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AF68F7DA-2C68-46B9-9F38-D4FD87C490C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {506420A9-BDA3-496C-8C4B-E30C27E9407D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C19D2E40-276C-4B11-914B-B9E1033709AA} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2147916697-2200963039-3509690774-1004Core{7AE979BF-3040-4AE3-B68D-8C3593EA203B} => C:\Users\Gonza_\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205880 2023-12-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {64C52768-B665-46CC-A4B4-FFC705D7A870} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2147916697-2200963039-3509690774-1004UA{F5F4CA48-91FD-450F-9967-F843AEAD5FB6} => C:\Users\Gonza_\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205880 2023-12-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2B10814-45F1-4CD3-AB70-EEDEA26DDAF5} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {3210752A-22DA-411A-AA41-A5DB3E11E8B9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2147916697-2200963039-3509690774-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C71DFB76-8A51-4628-984A-780135C46605} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2147916697-2200963039-3509690774-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B04C538-2458-46D5-AFE0-86A10B86C660} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2147916697-2200963039-3509690774-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8B7AB78-297E-4388-998E-419ABD417279} - System32\Tasks\Service\Data => "C:\Users\Gonza_\AppData\Roaming\ServiceData\Rukevar.exe" -> "C:\Users\Gonza_\AppData\Roaming\ServiceData\Rukevar.jpg"

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{9df611f0-4c08-48ee-9c8d-26c871c73a0b}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Edge:
=======
Edge Profile: C:\Users\Gonza_\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-10]
Edge Extension: (Documentos de Google sin conexión) - C:\Users\Gonza_\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Gonza_\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-29]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-05-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-29] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Gonza_\AppData\Local\Google\Chrome\User Data\Default [2024-06-10]
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (JSON Formatter) - C:\Users\Gonza_\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjindcccaagfpapjjmafapmmgkkhgoa [2024-04-01]
CHR Extension: (Simulador móvil: herramienta de prueba responsiva) - C:\Users\Gonza_\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckejmhbmlajgoklhgbapkiccekfoccmk [2024-06-10]
CHR Extension: (JSON Viewer) - C:\Users\Gonza_\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdgpbipfallnflgajpaliibnhdgobh [2024-01-18]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Gonza_\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-01]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Gonza_\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-06-06]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Gonza_\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-15]
CHR HKU\S-1-5-21-2147916697-2200963039-3509690774-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [Archivo no firmado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012520 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncHelper.exe [3514384 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MySQL83; C:\Program Files\MySQL\MySQL Server 8.3\bin\mysqld.exe [54943816 2023-12-14] (Oracle America, Inc. -> )
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.101.0519.0010\OneDriveUpdaterService.exe [3853840 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2024-06-10 18:17 - 2024-06-10 18:18 - 000020574 _____ C:\Users\Gonza_\Desktop\FRST.txt
2024-06-10 18:16 - 2024-06-10 18:18 - 000000000 ____D C:\FRST
2024-06-10 18:16 - 2024-06-10 18:16 - 002395136 _____ (Farbar) C:\Users\Gonza_\Desktop\FRST64.exe
2024-06-10 18:05 - 2024-06-10 18:07 - 000000000 ___HD C:\$WinREAgent
2024-06-10 18:00 - 2024-06-10 18:00 - 000000020 _____ C:\Users\Gonza_\.lesshst
2024-06-10 10:59 - 2024-06-10 10:59 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2024-06-10 10:59 - 2024-06-10 10:59 - 000003584 _____ C:\WINDOWS\SECOH-QAD.dll
2024-06-10 10:57 - 2024-06-10 10:57 - 000000394 __RSH C:\ProgramData\ntuser.pol
2024-06-10 10:49 - 2024-06-10 10:49 - 000000000 ____D C:\Users\Gonza_\AppData\Local\Xufavitu
2024-06-10 10:46 - 2024-06-10 10:46 - 009024697 _____ C:\Users\Gonza_\Downloads\___KMSPico___.zip
2024-06-06 09:18 - 2024-06-06 09:18 - 000000000 ____D C:\WINDOWS\system32\%userprofile%
2024-06-05 09:21 - 2024-06-05 09:21 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-06-03 20:07 - 2024-06-03 20:07 - 000004424 _____ C:\Users\Gonza_\Downloads\Diagrama casos de Uso.vpd
2024-06-03 19:58 - 2024-06-03 19:58 - 000008089 _____ C:\Users\Gonza_\Downloads\Diagrama Entidad Relacion Chen.vpd
2024-06-03 17:41 - 2024-06-03 17:41 - 003211264 _____ (as) C:\ProgramData\HCGDGIDGIJ.exe
2024-06-03 17:39 - 2024-06-03 17:39 - 000000000 ____D C:\Users\Gonza_\.oracle_jre_usage
2024-05-21 10:18 - 2024-05-21 10:18 - 000415780 _____ C:\Users\Gonza_\Downloads\Plantilla de respuesta_Gonzalo-Sanchez.pdf
2024-05-20 17:35 - 2024-05-20 17:35 - 001518183 _____ C:\Users\Gonza_\Downloads\Cuestionario.pdf
2024-05-20 17:35 - 2024-05-20 17:35 - 000298196 _____ C:\Users\Gonza_\Downloads\Plantilla de respuesta.pdf
2024-05-16 10:55 - 2024-05-16 10:55 - 000047703 _____ C:\Users\Gonza_\Downloads\WhatsApp Image 2024-05-13 at 17.27.55.jpeg
2024-05-16 10:41 - 2024-05-16 10:41 - 000112080 _____ C:\Users\Gonza_\Downloads\WhatsApp Image 2024-05-13 at 17.14.41.jpeg
2024-05-16 10:16 - 2024-05-16 10:16 - 000056015 _____ C:\Users\Gonza_\Downloads\WhatsApp Image 2024-05-13 at 17.11.03.jpeg
2024-05-16 09:53 - 2024-05-16 09:53 - 000000000 ____D C:\Users\Gonza_\AppData\Roaming\ScreenToGif
2024-05-16 09:52 - 2024-05-16 09:52 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenToGif.lnk
2024-05-16 09:52 - 2024-05-16 09:52 - 000001000 _____ C:\Users\Public\Desktop\ScreenToGif.lnk
2024-05-16 09:52 - 2024-05-16 09:52 - 000000000 ____D C:\Program Files\ScreenToGif
2024-05-16 09:48 - 2024-05-16 09:48 - 080658432 _____ C:\Users\Gonza_\Downloads\ScreenToGif.2.41.Setup.x64.msi
2024-05-15 10:46 - 2024-05-15 10:46 - 000044317 _____ C:\Users\Gonza_\Downloads\WhatsApp Image 2024-05-13 at 13.10.41.jpeg
2024-05-15 10:44 - 2024-05-15 10:44 - 000048232 _____ C:\Users\Gonza_\Downloads\WhatsApp Image 2024-05-13 at 11.42.23.jpeg
2024-05-15 10:43 - 2024-05-15 10:43 - 000076658 _____ C:\Users\Gonza_\Downloads\WhatsApp Image 2024-05-13 at 11.15.00.jpeg
2024-05-15 10:42 - 2024-05-15 10:42 - 000025081 _____ C:\Users\Gonza_\Downloads\WhatsApp Image 2024-05-13 at 11.10.02.jpeg
2024-05-15 10:28 - 2024-05-15 10:28 - 000026825 _____ C:\Users\Gonza_\Downloads\WhatsApp Image 2024-05-13 at 10.55.19.jpeg

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2024-06-10 18:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-10 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-10 18:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2024-06-10 18:00 - 2023-12-21 18:35 - 000000000 ___HD C:\Users\Gonza_
2024-06-10 17:55 - 2023-12-22 00:40 - 000000000 ____D C:\Users\Gonza_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2024-06-10 17:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-10 17:54 - 2023-12-22 00:40 - 000000000 ____D C:\Users\Gonza_\AppData\Roaming\Code
2024-06-10 17:53 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-10 11:32 - 2020-11-19 00:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-10 11:01 - 2023-12-21 18:40 - 001683676 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-10 11:01 - 2019-12-07 16:55 - 000752202 _____ C:\WINDOWS\system32\perfh00A.dat
2024-06-10 11:01 - 2019-12-07 16:55 - 000147880 _____ C:\WINDOWS\system32\perfc00A.dat
2024-06-10 11:01 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-06-10 10:56 - 2024-05-01 10:13 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-06-10 10:56 - 2023-12-21 18:33 - 000008192 ___SH C:\DumpStack.log.tmp
2024-06-10 10:56 - 2020-11-19 01:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-10 10:56 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-06-10 10:54 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-06-10 10:47 - 2023-12-21 18:39 - 000004050 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2147916697-2200963039-3509690774-1004UA{F5F4CA48-91FD-450F-9967-F843AEAD5FB6}
2024-06-10 10:47 - 2023-12-21 18:39 - 000003988 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2147916697-2200963039-3509690774-1004Core{7AE979BF-3040-4AE3-B68D-8C3593EA203B}
2024-06-10 10:47 - 2020-11-19 01:46 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-08 08:56 - 2020-11-19 01:46 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-08 08:56 - 2020-11-19 01:46 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-06 18:41 - 2024-04-29 11:10 - 000000000 ____D C:\Users\Gonza_\AppData\Roaming\Microsoft\Word
2024-06-06 09:18 - 2024-04-29 10:15 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2147916697-2200963039-3509690774-1001
2024-06-06 09:18 - 2024-04-29 10:15 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2147916697-2200963039-3509690774-1000
2024-06-06 09:18 - 2024-04-29 10:15 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-06-06 09:18 - 2024-04-29 10:15 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-06 09:18 - 2024-04-29 10:15 - 000000000 ___RD C:\Users\Default\OneDrive
2024-06-06 09:18 - 2023-12-21 18:39 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2147916697-2200963039-3509690774-1004
2024-06-05 18:43 - 2024-04-29 17:03 - 000000000 ____D C:\Users\Gonza_\Documents\PFG - Documentacion
2024-06-05 10:02 - 2024-05-07 10:53 - 000000000 ____D C:\Users\Gonza_\Documents\CV
2024-06-05 09:30 - 2020-11-19 01:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-05 09:19 - 2024-04-29 10:10 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-05 09:19 - 2023-12-22 11:32 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-05 09:19 - 2023-12-15 12:50 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-29 11:08 - 2024-02-29 10:31 - 000000000 ____D C:\Users\Gonza_\AppData\Local\ElevatedDiagnostics
2024-05-22 10:50 - 2024-04-29 11:10 - 000000000 ____D C:\Users\Gonza_\AppData\Roaming\Microsoft\Office
2024-05-21 10:26 - 2023-12-15 12:31 - 000000000 ____D C:\Users\Gonza_\AppData\Local\Packages
2024-05-16 02:02 - 2020-11-19 00:44 - 000438912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-16 02:01 - 2019-12-07 16:58 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-05-16 02:01 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-05-16 02:01 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-05-16 02:01 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-05-16 02:01 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-05-16 02:01 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-16 02:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-15 10:45 - 2020-11-19 01:46 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-05-15 10:39 - 2023-12-15 13:28 - 000000000 ____D C:\Program Files\ruxim
2024-05-15 10:36 - 2023-12-15 13:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-15 10:34 - 2023-12-15 13:28 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-05-15 10:09 - 2024-03-01 10:08 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-05-15 10:09 - 2024-03-01 10:08 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-05-15 10:09 - 2024-03-01 10:08 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk

==================== Archivos en la raíz de algunos directorios ========

2024-06-03 17:41 - 2024-06-03 17:41 - 003211264 _____ (as) C:\ProgramData\HCGDGIDGIJ.exe

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================