Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-02-2022
Ejecutado por Usuario (administrador) sobre DESKTOP-47JPQH2 (Gigabyte Technology Co., Ltd. H110M-H) (10-02-2022 20:04:50)
Ejecutado desde C:\Users\Usuario\Pictures
Perfiles cargados: Usuario
Plataforma: Microsoft Windows 10 Pro Versión 20H2 19042.1466 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> ) C:\Program Files\Adobe\Adobe Substance 3D Painter\crashpad_handler.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe) [Archivo no firmado] C:\Program Files\Adobe\Adobe Substance 3D Painter\Adobe Substance 3D Painter.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\dynamiclink\CS6\dynamiclinkmanager.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\atiesrxx.exe
(AMD) [Archivo no firmado] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) [Archivo no firmado] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AMD) [Archivo no firmado] C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Appwork GmbH -> AppWork GmbH) C:\Users\Usuario\AppData\Local\JDownloader 2.0\JDownloader2.exe
(Autodesk, Inc. -> Autodesk) [Archivo no firmado] C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(Autodesk, Inc. -> Autodesk, Inc.) [Archivo no firmado] C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\adskflex.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(LINE Corporation -> LINE Corporation) C:\Users\Usuario\AppData\Local\LINE\bin\current\LINE.exe
(LINE Corporation -> LINE Corporation) C:\Users\Usuario\AppData\Local\LINE\Data\plugin\LineCall\1.0.0.357\LineCall.exe
(LINE Corporation -> LINE Corporation) C:\Users\Usuario\AppData\Local\LINE\Data\plugin\LineMediaPlayer\1.2.0.391\LineMediaPlayer.exe <2>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
(miHoYo Co.,Ltd. -> ) C:\Program Files\Honkai Impact 3rd glb\Games\BH3.exe
(miHoYo Co.,Ltd. -> ) C:\Program Files\Honkai Impact 3rd glb\Games\BH3_Data\Plugins\ZFGameBrowser.exe <2>
(miHoYo Co.,Ltd. -> miHoYo) C:\Program Files\Honkai Impact 3rd glb\launcher.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files\Microvirt\MEmu\MemuService.exe
(The Qt Company Oy -> The Qt Company Ltd.) C:\Program Files\Honkai Impact 3rd glb\QtWebEngineProcess.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe <2>
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [119344 2020-09-14] (VMware, Inc. -> VMware, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3486649076-936815832-1326959528-1001\...\Run: [Google Update] => C:\Users\Usuario\AppData\Local\Google\Update\1.3.36.122\GoogleUpdateCore.exe [223816 2022-01-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-3486649076-936815832-1326959528-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-3486649076-936815832-1326959528-1004\...\Run: [MicrosoftEdgeAutoLaunch_524F3E6F29A824623A30DEBD416A470B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-3486649076-936815832-1326959528-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\oniri\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3486649076-936815832-1326959528-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\oniri\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3486649076-936815832-1326959528-1004\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\oniri\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64"
HKU\S-1-5-21-3486649076-936815832-1326959528-1004\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\oniri\AppData\Local\Microsoft\OneDrive\21.220.1024.0005"
HKU\S-1-5-21-3486649076-936815832-1326959528-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrador\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3486649076-936815832-1326959528-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrador\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-09] (Google LLC -> Google LLC)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3486649076-936815832-1326959528-1001\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0B1146DA-EC08-462A-A73E-32D5D0141FED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0FC15E47-0AFE-465B-800F-32AE1D95978E} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {19418F2F-DD47-45AC-B7FC-F5834D6F3F45} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1AFD3E48-98CF-4D65-B795-D64D09F8A768} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe [12288 2020-09-28] (Microsoft Corporation) [Archivo no firmado]
Task: {21B3DF78-68EE-4CA4-A2B6-9EDE5A60B3AF} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {26FF329B-2BF1-47AB-8280-0E4A68B7E7A6} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {2E3F7631-1E13-43D0-8920-C3E97C8BEE99} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3486649076-936815832-1326959528-1001UA => C:\Users\Usuario\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-01-12] (Google Inc -> Google Inc.)
Task: {3B94995A-110E-466B-B776-5FD405836AD2} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3486649076-936815832-1326959528-500 => C:\Users\Usuario\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Ningún archivo)
Task: {3EE7CE85-D53D-4613-BB7C-C30F6A6F1FB3} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe [12288 2020-09-28] (Microsoft Corporation) [Archivo no firmado]
Task: {4C5F4A3F-5DB0-4592-B394-DC406B8CA221} - System32\Tasks\Microsoft\Windows\Autodesk\Autodesk => wscript.exe "%CommonProgramFiles(x86)%\Autodesk Shared\Network License Manager\Service.vbs" "%CommonProgramFiles(x86)%\Autodesk Shared\Network License Manager\Service.bat"
Task: {56B29A5C-6BA9-4E06-8C40-A0EFD2003CA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A5846E2-64D6-49C6-ACF6-0A96229E72F4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Ningún archivo)
Task: {7ADBEE48-16D6-4FB5-910A-97D30AFBA01E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7B93FA07-B497-40E8-BECC-205FF16100DC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3486649076-936815832-1326959528-1001Core => C:\Users\Usuario\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-01-12] (Google Inc -> Google Inc.)
Task: {7EBAE6A2-9DE3-4008-8B4B-B1B2A9C8297C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3486649076-936815832-1326959528-1004 => C:\Users\Usuario\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Ningún archivo)
Task: {8225FF78-83CF-42D3-8464-33727E6C814B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe [1471032 2020-08-12] (Adobe Inc. -> Adobe)
Task: {862E85CC-6567-4E29-A32F-A94BFBF792A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {8F35D7D0-AF03-4273-9EAE-5679DED8B172} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3486649076-936815832-1326959528-1004 => C:\Users\Usuario\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Ningún archivo)
Task: {8FAAD719-6B91-4516-8572-83D5F41F548E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {97986C5A-4E36-409E-A28A-E3866A1ABCDE} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CreateExplorerShellUnelevatedTask" /ENABLE
Task: {97986C5A-4E36-409E-A28A-E3866A1ABCDE} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {A45DB7DC-C94F-4EA7-847B-E68993CEA73A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-12] (Google Inc -> Google Inc.)
Task: {AF1B4754-8EB2-4902-88DB-C09151EA9B64} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3486649076-936815832-1326959528-500 => C:\Users\Usuario\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Ningún archivo)
Task: {B04173FF-4E29-4016-B311-1F6541CA02F0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-12] (Adobe Inc. -> Adobe)
Task: {C29AAAD3-1C4F-4D71-B4BF-94930EB52E48} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {CD6DD2D5-B733-4F40-AC1E-718379BAA299} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-07-27] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {CDF0F04D-B343-400E-B21A-407ADB9D2B61} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3486649076-936815832-1326959528-1001 => C:\Users\Usuario\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Ningún archivo)
Task: {D79E1D69-322C-48A2-B4C8-C94135CE0D79} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D829887F-FA59-4AAD-AD45-528333EFEF56} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E7F1E055-9A9F-41FE-ACEA-DDE8AFAEEF0B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-12] (Google Inc -> Google Inc.)
Task: {E924DFFA-A76C-466C-A72E-B8C915E27CBA} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3486649076-936815832-1326959528-1001 => C:\Users\Usuario\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Ningún archivo)
Task: {FE6EB123-361E-4AFB-8C97-41B76BC7E839} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (Ningún archivo)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [41984 2021-09-05] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 09 C:\WINDOWS\SysWOW64\wlidNSP.dll [41984 2021-09-05] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [67072 2021-09-05] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [67072 2021-09-05] (Microsoft Windows -> Microsoft Corporation)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\..\Interfaces\{cecfe375-05db-40f2-a4ac-3e8db5904d16}: [DhcpNameServer] 100.72.3.1 100.72.3.113

Edge:
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (AdBlock — best ad blocker) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.13.0.0_neutral__c1wakc4j0nefm [2021-10-02]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Usuario\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-02-10]
Edge HomePage: Profile 1 -> hxxp://www.google.com/
Edge Session Restore: Profile 1 -> está habilitado.
Edge Extension: (Bloqueador de ventanas emergentes para Edge ™) - C:\Users\Usuario\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\fhnijjnklcofjoilpdahmhdoobjemdka [2021-11-18]
Edge Extension: (Allow Right-Click) - C:\Users\Usuario\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\fihgggipdgdcpnljebplafkdkfandnlp [2022-01-09]
Edge Extension: (600% Sound Volume) - C:\Users\Usuario\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\halhikgflghgbhpkdmlplhdcepenjlgi [2022-01-29]
Edge Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Usuario\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2022-01-27]

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [Ningún archivo]
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [Ningún archivo]
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2010-09-01] (Wacom, Inc.) [Archivo no firmado]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2022-02-10]
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Image Downloader for IW) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcieicfnbnmlffkgbiemoofinidpgloa [2022-01-24]
CHR Extension: (IG Downloader) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpgaheeihidjmolbakklolchdplenjai [2021-12-16]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-07-15]
CHR Extension: (StockBlocker) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabmlabpkcpincifnadmjplohbbljdba [2021-12-25]
CHR Extension: (App for SMP) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfacfdojbffehkhinogeheapldnoojdm [2020-05-13]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-29]
CHR Extension: (Save As MHT) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmodljjaibbdndlikgagimhhodmobkc [2021-04-09]
CHR Extension: (Allow Right-Click) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnafhkjheookmokbkpnfpmemlppjdgoi [2022-01-09]
CHR Extension: (Volume Master - controlador de volumen) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2022-01-09]
CHR Extension: (Ver Imagen) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2022-01-18]
CHR Extension: (MetaMask) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-02-09]
CHR Extension: (Super Dark Mode) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlgphodeccebbcnkgmokeegopgpnjfkc [2022-02-02]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-09]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-12] (Adobe Inc. -> Adobe)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2021-03-29] (Autodesk, Inc. -> Autodesk) [Archivo no firmado]
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-05-09] (AMD) [Archivo no firmado]
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-02-02] (Malwarebytes Inc -> Malwarebytes)
R2 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15228976 2020-09-14] (VMware, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\amdkmdag.sys [80538504 2021-11-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 ateam64; C:\WINDOWS\System32\ateam64.sys [13128 2020-09-25] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2021-07-27] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2021-10-11] (DT Soft Ltd -> DT Soft Ltd)
S3 gdrv; C:\Windows\gdrv.sys [26192 2018-01-12] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-16] (Malwarebytes Inc -> Malwarebytes)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
U4 mhyprotect; C:\Users\Usuario\AppData\Local\Temp\mhyprotect.sys [1249608 2022-01-05] (miHoYo Co.,Ltd. -> ) <==== ATENCIÓN
S3 PPJoyBus; C:\WINDOWS\system32\DRIVERS\PPJoyBus64.sys [22752 2016-05-13] (Deon van der Westhuysen Test Certificate -> Deon van der Westhuysen) [Archivo no firmado]
S3 PPortJoystick; C:\WINDOWS\System32\drivers\PPortJoy64.sys [42720 2016-05-13] (Deon van der Westhuysen Test Certificate -> Deon van der Westhuysen) [Archivo no firmado]
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-07-31] (TunnelBear, Inc. -> The OpenVPN Project)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2020-01-21] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2020-01-21] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 UniFairy; C:\WINDOWS\system32\UniFairy.sys [828144 2022-02-10] (Tencent Technology(Shenzhen) Company Limited -> )
S3 vhidmini; C:\WINDOWS\System32\drivers\vjoy.sys [15544 2013-04-18] (Ultimarc Limited -> Headsoft)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [68544 2020-09-14] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [54592 2020-08-11] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-02-10 20:02 - 2022-02-10 20:06 - 000000000 ____D C:\FRST
2022-02-10 13:56 - 2022-02-10 16:59 - 000000000 ____D C:\Program Files\Argente - Registry Cleaner
2022-02-10 13:56 - 2022-02-10 13:56 - 000000984 _____ C:\Users\Public\Desktop\Argente - Registry Cleaner.lnk
2022-02-10 13:56 - 2022-02-10 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Argente - Registry Cleaner
2022-02-09 13:12 - 2022-02-09 13:12 - 156116615 _____ C:\Users\Usuario\Downloads\UDIMs - Modelling and Texturing Essentials (1080p_60fps_H264-128kbit_AAC).mp4
2022-02-09 12:59 - 2022-02-09 12:59 - 000000000 ___HD C:\$WinREAgent
2022-02-09 04:13 - 2022-02-09 04:14 - 336519098 _____ C:\Users\Usuario\Downloads\Texturing vintage_industrial lamps with Substance Painter and Marmoset Toolbag - (Timelapse) (720p_30fps_H264-192kbit_AAC).mp4
2022-02-09 04:13 - 2022-02-09 04:13 - 021652338 _____ C:\Users\Usuario\Downloads\Getting to Know Toolbag 3 _ Ep. 1_ Scene Setup (1080p_30fps_H264-128kbit_AAC).mp4
2022-02-09 04:10 - 2022-02-09 04:11 - 096818793 _____ C:\Users\Usuario\Downloads\Photo Realistic Procedural Texturing in Substance Painter_ Full Process Timelapse (1080p_30fps_H264-128kbit_AAC).mp4
2022-02-09 04:02 - 2022-02-09 04:05 - 915696824 _____ C:\Users\Usuario\Downloads\3ds Max to Substance Painter Medieval Modeling (660p_30fps_H264-192kbit_AAC).mp4
2022-02-09 03:59 - 2022-02-09 04:00 - 155174284 _____ C:\Users\Usuario\Downloads\Game Asset Nightstand Drawer _ Autodesk3dsMax_SubstancePainter (720p_30fps_H264-192kbit_AAC).mp4
2022-02-09 03:44 - 2022-02-09 03:44 - 004219270 _____ C:\Users\Usuario\Downloads\Desireless - Voyage Voyage (Lyrics) (128kbit_AAC).m4a
2022-02-09 03:43 - 2022-02-09 03:44 - 002097136 _____ C:\Users\Usuario\Downloads\Tdqy3o5-l3Y_MP4_H264_720P_30FPS_AAC_128KBIT_DASH_31f5a901af5d3c615551bd17475a6720.dashVideo.part
2022-02-08 14:14 - 2022-02-08 14:14 - 072195622 _____ C:\Users\Usuario\Downloads\Simon & Garfunkel Greatest Hits 2021 - Simon & Garfunkel Best Songs Collection - Classic Folk Music (128kbit_AAC).m4a
2022-02-08 14:09 - 2022-02-08 14:09 - 004842329 _____ C:\Users\Usuario\Downloads\SIMON AND GARFUNKEL -_ PUENTE SOBRE AGUAS TURBULENTAS_ ( subtitulado al español) (128kbit_AAC).m4a
2022-02-08 14:08 - 2022-02-08 14:08 - 004209883 _____ C:\Users\Usuario\Downloads\El Condor Pasa - Paul Simon & Garfunkel (128kbit_AAC).m4a
2022-02-08 14:07 - 2022-02-08 14:07 - 004746062 _____ C:\Users\Usuario\Downloads\The Boxer _ Simon & Garfunkel (subtitulos español) (128kbit_AAC).m4a
2022-02-08 14:07 - 2022-02-08 14:07 - 003730717 _____ C:\Users\Usuario\Downloads\Simon and Garfunkel - Mrs. Robinson (lyrics) (128kbit_AAC).m4a
2022-02-05 02:24 - 2022-02-05 02:24 - 000000620 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Design.lnk
2022-02-05 02:24 - 2022-02-05 02:24 - 000000613 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools.lnk
2022-02-05 02:24 - 2022-02-05 02:24 - 000000613 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games.lnk
2022-02-05 02:23 - 2022-02-05 02:23 - 000000645 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shortcuts.lnk
2022-02-05 02:20 - 2022-02-05 02:20 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-02-05 02:02 - 2022-02-05 02:02 - 000001312 _____ C:\WINDOWS\system32\ooshutup10.cfg
2022-02-05 02:02 - 2022-02-05 02:02 - 000000000 ____D C:\Users\Usuario\AppData\Local\OO Software
2022-02-05 01:58 - 2022-02-05 01:58 - 000000000 ____D C:\systemfile
2022-02-03 20:53 - 2022-02-04 22:00 - 000000000 ____D C:\Users\oniri\AppData\Local\PlaceholderTileLogoFolder
2022-02-03 19:14 - 2022-02-03 19:14 - 000000000 ____D C:\Users\oniri\AppData\Local\Comms
2022-02-03 19:03 - 2022-02-03 19:03 - 000000000 ____D C:\Users\oniri\AppData\Local\OneDrive
2022-02-03 18:59 - 2022-02-04 22:01 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3486649076-936815832-1326959528-1004
2022-02-03 18:58 - 2022-02-04 22:01 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3486649076-936815832-1326959528-1004
2022-02-03 18:58 - 2022-02-04 22:01 - 000002413 _____ C:\Users\oniri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-03 18:58 - 2022-02-03 19:00 - 000000000 ___RD C:\Users\oniri\OneDrive
2022-02-03 18:54 - 2022-02-03 18:54 - 000000000 ____D C:\Users\oniri\AppData\Local\Publishers
2022-02-03 18:53 - 2022-02-03 20:54 - 000000000 ____D C:\Users\oniri\AppData\Local\Packages
2022-02-03 18:53 - 2022-02-03 19:14 - 000000000 ____D C:\Users\oniri\AppData\Local\Google
2022-02-03 18:53 - 2022-02-03 19:13 - 000000000 ____D C:\Users\oniri\AppData\Local\D3DSCache
2022-02-03 18:53 - 2022-02-03 19:09 - 000002389 _____ C:\Users\oniri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-03 18:53 - 2022-02-03 18:54 - 000000000 ____D C:\Users\oniri\AppData\Local\ConnectedDevicesPlatform
2022-02-03 18:53 - 2022-02-03 18:53 - 000000000 ___RD C:\Users\oniri\3D Objects
2022-02-03 18:53 - 2022-02-03 18:53 - 000000000 ____D C:\Users\oniri\AppData\Roaming\WTablet
2022-02-03 18:53 - 2022-02-03 18:53 - 000000000 ____D C:\Users\oniri\AppData\LocalLow\AMD
2022-02-03 18:53 - 2022-02-03 18:53 - 000000000 ____D C:\Users\oniri\AppData\Local\VirtualStore
2022-02-03 18:53 - 2022-02-03 18:53 - 000000000 ____D C:\Users\oniri\AppData\Local\AMD
2022-02-03 18:51 - 2022-02-03 18:58 - 000000000 ____D C:\Users\oniri
2022-02-03 18:51 - 2022-02-03 18:51 - 000000020 ___SH C:\Users\oniri\ntuser.ini
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\Reciente
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\Plantillas
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\Mis documentos
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\Menú Inicio
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\Impresoras
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\Entorno de red
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\Documents\Mis vídeos
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\Documents\Mis imágenes
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\Documents\Mi música
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\Datos de programa
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\Configuración local
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\AppData\Local\Historial
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\AppData\Local\Datos de programa
2022-02-03 18:51 - 2022-02-03 18:51 - 000000000 _SHDL C:\Users\oniri\AppData\Local\Archivos temporales de Internet
2022-02-03 17:35 - 2022-02-04 17:36 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3486649076-936815832-1326959528-500
2022-02-03 17:32 - 2022-02-03 17:32 - 000000020 ___SH C:\Users\Administrador\ntuser.ini
2022-01-14 02:07 - 2022-01-14 02:07 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-14 02:06 - 2022-01-14 02:06 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 02:06 - 2022-01-14 02:06 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-02-10 19:58 - 2018-01-12 19:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-10 19:49 - 2021-09-06 03:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-10 16:50 - 2018-01-21 14:18 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vlc
2022-02-10 13:32 - 2021-07-08 13:52 - 000000000 ____D C:\Program Files\Honkai Impact 3rd glb
2022-02-10 13:32 - 2020-02-18 22:43 - 000828144 _____ () C:\WINDOWS\system32\UniFairy.sys
2022-02-10 12:10 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-10 12:10 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-10 12:04 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-10 09:57 - 2018-07-21 11:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2022-02-10 00:24 - 2018-01-13 03:23 - 000000000 ___RD C:\Users\Usuario\OneDrive
2022-02-09 22:08 - 2022-01-04 01:06 - 000000000 ____D C:\Users\Usuario\Documents\3ds Max 2022
2022-02-09 22:08 - 2020-11-21 01:26 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\substancelinkopentcp
2022-02-09 20:27 - 2020-11-10 22:29 - 000000000 ____D C:\Program Files\Genshin Impact
2022-02-09 18:50 - 2018-06-20 21:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-02-08 21:20 - 2020-02-18 22:27 - 000000000 ____D C:\Users\Usuario\AppData\Local\miHoYo
2022-02-07 20:31 - 2018-07-01 01:15 - 000000000 ____D C:\Users\Usuario\AppData\Local\D3DSCache
2022-02-05 13:41 - 2021-04-09 22:28 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Telegram Desktop
2022-02-05 12:22 - 2020-10-04 06:13 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-05 02:29 - 2018-01-13 21:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\JDownloader 2.0
2022-02-05 02:18 - 2019-12-07 06:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-02-05 02:18 - 2018-01-13 03:30 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-02-05 02:15 - 2018-03-26 05:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Packages
2022-02-05 02:07 - 2018-06-20 23:32 - 000000000 ____D C:\Users\Usuario\AppData\Local\PlaceholderTileLogoFolder
2022-02-05 01:11 - 2020-08-16 17:37 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\discord
2022-02-05 01:06 - 2020-08-16 17:37 - 000000000 ____D C:\Users\Usuario\AppData\Local\Discord
2022-02-04 23:19 - 2021-09-06 04:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-04 23:19 - 2021-09-06 03:50 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-04 23:19 - 2021-08-26 19:41 - 000000000 ____D C:\ProgramData\VMware
2022-02-04 17:36 - 2021-09-06 04:23 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3486649076-936815832-1326959528-500
2022-02-04 17:36 - 2021-09-06 03:56 - 000002437 _____ C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-04 17:19 - 2019-07-06 16:14 - 000000000 ____D C:\Users\Administrador\AppData\Local\PlaceholderTileLogoFolder
2022-02-03 20:16 - 2019-07-06 16:09 - 000000000 ____D C:\Users\Administrador\AppData\Local\Packages
2022-02-03 19:12 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-02-03 18:54 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-02-03 18:54 - 2018-01-13 03:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-02-03 18:13 - 2018-01-13 03:21 - 000000000 ____D C:\Users\Usuario\AppData\Local\ConnectedDevicesPlatform
2022-02-03 17:34 - 2019-07-06 16:09 - 000000000 ____D C:\Users\Administrador\AppData\Local\D3DSCache
2022-02-03 17:33 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-03 17:32 - 2021-09-06 03:56 - 000000000 ____D C:\Users\Administrador
2022-02-03 17:32 - 2019-07-06 16:09 - 000000000 ___RD C:\Users\Administrador\3D Objects
2022-02-03 17:19 - 2021-09-06 04:23 - 000003660 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-02-03 15:57 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-02 23:59 - 2021-09-06 03:56 - 000000000 ____D C:\Users\Usuario
2022-02-02 19:42 - 2021-09-05 16:03 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\IGDump
2022-02-02 18:51 - 2021-09-06 04:23 - 000003016 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2022-02-02 18:48 - 2021-12-08 22:47 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-02-02 18:44 - 2021-12-08 22:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-02-02 18:44 - 2021-09-05 15:45 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-02 18:32 - 2019-05-21 12:43 - 000000000 ___RD C:\Users\Usuario\Desktop\Shortcuts
2022-01-29 18:01 - 2021-04-22 18:02 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\WhatsApp
2022-01-25 14:51 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-01-25 14:22 - 2018-01-17 13:02 - 000000000 ____D C:\Users\Usuario\AppData\Local\ElevatedDiagnostics
2022-01-24 17:25 - 2018-02-02 11:34 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Mp3tag
2022-01-21 20:19 - 2021-09-28 21:51 - 000003558 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7ab474ead2f20
2022-01-21 20:19 - 2021-09-06 04:23 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-21 02:50 - 2021-09-06 04:23 - 000003886 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3486649076-936815832-1326959528-1001UA
2022-01-21 02:50 - 2021-09-06 04:23 - 000003618 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3486649076-936815832-1326959528-1001Core
2022-01-21 01:56 - 2021-09-06 04:23 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 01:56 - 2021-09-06 04:23 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-19 17:26 - 2021-12-17 00:34 - 000000000 ____D C:\Users\Usuario\AppData\Local\WhatsApp
2022-01-19 00:03 - 2020-05-23 23:46 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-19 00:03 - 2019-05-25 21:41 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\DAEMON Tools Lite
2022-01-16 14:44 - 2019-01-14 03:26 - 000000000 ____D C:\Users\Usuario\Documents\ActivePresenter
2022-01-16 14:44 - 2018-12-26 00:37 - 000000000 ____D C:\Users\Usuario\Documents\ActivePresenter Templates
2022-01-15 20:59 - 2018-12-12 02:16 - 000000132 _____ C:\Users\Usuario\AppData\Roaming\Adobe PNG Format CS6 Prefs
2022-01-15 03:37 - 2021-09-06 04:07 - 002381978 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-15 03:37 - 2021-09-05 22:54 - 000477790 _____ C:\WINDOWS\system32\perfh011.dat
2022-01-15 03:37 - 2021-09-05 22:54 - 000132668 _____ C:\WINDOWS\system32\perfc011.dat
2022-01-15 03:37 - 2019-12-07 11:55 - 000773758 _____ C:\WINDOWS\system32\perfh00A.dat
2022-01-15 03:37 - 2019-12-07 11:55 - 000152524 _____ C:\WINDOWS\system32\perfc00A.dat
2022-01-15 03:32 - 2021-09-06 03:50 - 005162960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-15 03:28 - 2019-12-07 11:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-15 03:28 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-15 03:28 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-15 03:28 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-15 03:28 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-15 03:28 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-15 03:28 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-01-15 03:28 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-15 03:28 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-14 01:13 - 2018-03-10 02:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-14 00:53 - 2018-03-10 02:52 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-12 23:45 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-12 14:00 - 2020-03-14 19:23 - 000000000 ___RD C:\Users\Usuario\Desktop\Games

==================== Archivos en la raíz de algunos directorios ========

2020-07-23 02:06 - 2020-08-22 22:45 - 000000007 _____ () C:\Users\Usuario\AppData\Roaming\account_name.txt
2021-07-28 17:48 - 2021-07-28 17:48 - 000000132 _____ () C:\Users\Usuario\AppData\Roaming\Adobe BMP Format CS6 Prefs
2020-09-21 01:50 - 2021-11-24 18:37 - 000000132 _____ () C:\Users\Usuario\AppData\Roaming\Adobe GIF Format CS6 Prefs
2018-12-12 02:16 - 2022-01-15 20:59 - 000000132 _____ () C:\Users\Usuario\AppData\Roaming\Adobe PNG Format CS6 Prefs
2020-07-24 18:45 - 2020-08-22 22:45 - 000028672 _____ () C:\Users\Usuario\AppData\Roaming\crash.bin
2020-07-23 02:06 - 2020-08-22 22:45 - 000000523 _____ () C:\Users\Usuario\AppData\Roaming\DLC.txt
2020-10-24 02:40 - 2021-07-29 13:14 - 000012288 _____ () C:\Users\Usuario\AppData\Roaming\emp.bin
2020-07-23 02:06 - 2020-08-22 22:45 - 000000007 _____ () C:\Users\Usuario\AppData\Roaming\language.txt
2020-07-23 02:06 - 2020-08-22 22:45 - 000000005 _____ () C:\Users\Usuario\AppData\Roaming\listen_port.txt
2020-07-23 02:06 - 2020-08-22 22:45 - 000000000 _____ () C:\Users\Usuario\AppData\Roaming\local_save.txt
2020-07-23 02:06 - 2020-08-22 22:45 - 000000001 _____ () C:\Users\Usuario\AppData\Roaming\offline.txt
2018-03-21 10:45 - 2018-03-21 10:45 - 000000132 _____ () C:\Users\Usuario\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2020-08-09 02:41 - 2020-08-09 02:41 - 000002415 _____ () C:\Users\Usuario\AppData\Roaming\PureRef.ini
2020-07-23 02:06 - 2020-08-22 22:45 - 000000006 _____ () C:\Users\Usuario\AppData\Roaming\steam_appid.txt
2018-02-07 23:39 - 2018-10-16 03:11 - 000000025 ____H () C:\Users\Usuario\AppData\Roaming\uninst45.log
2020-07-23 02:06 - 2020-08-22 22:45 - 000000000 _____ () C:\Users\Usuario\AppData\Roaming\user_steam_id.txt
2018-04-29 23:40 - 2018-04-29 23:48 - 000001456 _____ () C:\Users\Usuario\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2020-09-21 01:54 - 2021-03-26 23:34 - 000001456 _____ () C:\Users\Usuario\AppData\Local\Adobe Save for Web 13.0 Prefs
2020-07-28 19:13 - 2020-07-28 19:13 - 000007605 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg
2018-02-07 23:39 - 2018-10-16 03:11 - 000000025 ____H () C:\Users\Usuario\AppData\Local\uninst36.log

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================