Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 22.05.2024 01
Ejecutado por usuario (26-05-2024 19:12:08)
Ejecutado desde C:\Users\usuario\Desktop
Microsoft Windows 10 Home Versión 22H2 19045.4412 (X64) (2021-07-01 07:19:59)
Modo de Inicio: Normal
==========================================================

==================== Cuentas: =============================

(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-719772006-221768922-2880327383-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-719772006-221768922-2880327383-503 - Limited - Disabled)
Invitado (S-1-5-21-719772006-221768922-2880327383-501 - Limited - Disabled)
usuario (S-1-5-21-719772006-221768922-2880327383-1001 - Administrator - Enabled) => C:\Users\usuario
WDAGUtilityAccount (S-1-5-21-719772006-221768922-2880327383-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7-Zip 22.01 (HKLM-x32\...\7-Zip) (Version: 22.01 - Igor Pavlov)
adobe (HKLM\...\{F5E6F3F4-C3CB-4A34-B690-F3F8AF571B0E}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.9.0.372 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.)
Adobe Illustrator 2023 (HKLM-x32\...\ILST_27_0_1) (Version: 27.0.1 - Adobe Inc.)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.08.02.027 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.24.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.6.2.1818 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.2.1818 - Advanced Micro Devices, Inc.) AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.9.2 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{94dc9043-935f-4e10-ac8b-5ce0ac055188}) (Version: 5.08.02.027 - Advanced Micro Devices, Inc.) Hidden Audacity 3.0.5 (HKLM\...\Audacity_is1) (Version: 3.0.5 - Audacity Team) Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation) CPUID CPU-Z MSI 1.96 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.96 - CPUID, Inc.) 
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.77 - Google LLC) League of Legends (HKU\S-1-5-21-719772006-221768922-2880327383-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.51 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Volume - en-us) (Version: 16.0.10410.20026 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-719772006-221768922-2880327383-1001\...\OneDriveSetup.exe) (Version: 24.091.0505.0003 - Microsoft Corporation) Microsoft Power BI Desktop (x64) (HKLM\...\{750116e1-3f3b-48cc-921a-02029856025e}) (Version: 2.109.844.0 - Microsoft Corporation) Hidden Microsoft PowerBI Desktop (x64) (HKLM-x32\...\{8c4dea63-c01e-4519-ade5-69f21f98c1f6}) (Version: 2.109.844.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 
11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 
14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.1 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10410.20026 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10410.20026 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.10410.20026 - Microsoft Corporation) Hidden Paquete de controladores de Windows - Razer Inc. (WinUSB) USB (05/04/2016 6.2.9200.16385) (HKLM\...\874D6B1A2BD2AE8FF3594AB704F2A4A3F8342FB5) (Version: 05/04/2016 6.2.9200.16385 - Razer Inc.) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.18.7.1508 - Razer Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.1215.121004 - Razer Inc.) Razer Virtual Ring Light (HKLM-x32\...\Razer Virtual Ring Light) (Version: 2.0.0.23 - Razer Inc.) reWASD (HKLM\...\reWASD) (Version: 6.0.1.5202 - Disc Soft Ltd) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) 
RyzenMasterSDK (HKLM\...\{A46B2DF1-D0F5-4440-96F2-9F09C51CC3B6}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1266 - SUPERAntiSpyware.com) T1 SCRAMJET GAMING MOUSE (HKLM-x32\...\{6F72EBE8-B4F7-4B79-8E83-A6F198B756B2}_is1) (Version: 1.0.1 - TIER ONE USA CORP) The Great Ace Attorney... (HKLM-x32\...\The Great Ace Attorney..._is1) (Version: - ) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VALORANT (HKU\S-1-5-21-719772006-221768922-2880327383-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN) WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.97 - Microsoft Corporation) WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-719772006-221768922-2880327383-1001\...\ZoomUMX) (Version: 5.8.1 (1435) - Zoom Video Communications, Inc.) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-11-22] (Adobe Systems Incorporated) Adobe Photoshop Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.12.430.0_x64__ynb6jyjzte8ga [2023-08-28] (Adobe Inc.) Age of Empires II: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSPhoenix_101.102.47822.0_x64__8wekyb3d8bbwe [2024-05-16] (Microsoft Studios) Hades -> C:\Program Files\WindowsApps\SupergiantGamesLLC.Hades_1.0.38246.0_x64__q53c1yqmx7pha [2024-03-08] (Supergiant Games, LLC) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa [2024-05-11] (Apple Inc.) 
[Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-07-08] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-07-08] (Microsoft Corporation) [MS Ad] My Friend Pedro Win10 -> C:\Program Files\WindowsApps\DevolverDigital.MyFriendPedroWin10_1.0.6.0_x64__6kzv4j18v0c96 [2024-03-02] (Devolver Digital) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0 [2024-05-25] (Spotify AB) [Startup Task] T Tablet -> C:\Program Files\WindowsApps\NAMCOBANDAIGamesInc.TTablet_1.9.0.0_x64__gdy2aq6ez762w [2024-03-07] (BANDAI NAMCO Entertainment Inc.) ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) CustomCLSID: HKU\S-1-5-21-719772006-221768922-2880327383-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-584F653B76A1} -> [Creative Cloud Files] => C:\Users\usuario\Creative Cloud Files [2022-12-11 11:23] CustomCLSID: HKU\S-1-5-21-719772006-221768922-2880327383-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-719772006-221768922-2880327383-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-10-28] (Adobe Inc. 
-> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-10-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-10-28] (Adobe Inc. -> ) ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-10-28] (Adobe Inc. -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-25] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado] ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2023-08-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Archivo no firmado] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-10-28] (Adobe Inc. 
-> ) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-25] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== ==================== Accesos directos & WMI ======================== ==================== Módulos cargados (Lista blanca) ============= 2021-09-24 06:03 - 2021-09-24 06:03 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [Archivo no firmado] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll 2021-09-24 06:03 - 2021-09-24 06:03 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [Archivo no firmado] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll 2021-09-24 06:03 - 2021-09-24 06:03 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [Archivo no firmado] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll 2021-09-24 06:03 - 2021-09-24 06:03 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [Archivo no firmado] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll 2021-09-24 06:03 - 2021-09-24 06:03 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [Archivo no firmado] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll 2021-09-24 06:03 - 2021-09-24 06:03 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [Archivo no firmado] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll ==================== Alternate Data Streams (Lista blanca) ======== (Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.) 
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\AKKEHI:A37A39457C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\AKKEHI:D85789CE48 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2023.lnk:C1A7220736 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2017.lnk:B37E45B570 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:C8B6D970BF [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk:C5D586BE93 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk:86E8B79B48 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk:104946E0EA [3442]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-07-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-07-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2024-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-21] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-719772006-221768922-2880327383-1001\...\sharepoint.com -> hxxps://salfa-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-12-07 05:14 - 2024-05-25 12:22 - 000000886 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 keystone.mwbsys.com
127.0.0.1 holocron.mwbsys.com

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-719772006-221768922-2880327383-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-719772006-221768922-2880327383-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-719772006-221768922-2880327383-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-719772006-221768922-2880327383-1001\...\StartupApproved\Run: => "Microsoft.Lists" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [{36B1C3D2-650E-4857-89E7-0E502F7244F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{60314FD3-ECAA-4E06-82F8-48873BC522F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E0ADEFAA-575E-44C4-AE2A-93F3C57B37B6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{70C0F407-D79C-4062-9373-C65303EA6BF9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{437AAC6B-4001-4064-B8DA-90D1A9BA7C90}C:\users\usuario\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\usuario\appdata\roaming\bittorrent\bittorrent.exe => Ningún archivo FirewallRules: [UDP Query User{4E81DECC-779D-4768-AF6B-61F5ABB38E90}C:\users\usuario\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\usuario\appdata\roaming\bittorrent\bittorrent.exe => Ningún archivo FirewallRules: [TCP Query User{CDC22F9D-8B97-41D3-8AE7-5145641B70D4}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) 
FirewallRules: [UDP Query User{E8D39A6B-6FBB-423A-B505-1D0A7C307508}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{C71D173E-8E7A-457C-B789-FD9E7A218E58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{1B7E3A11-6C9E-441C-9CFE-CC4F156FAB04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{A5D48DD3-D72F-4FF3-898F-F0C6934F27BD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D166A49A-51A9-4739-943C-C9F5AD9BC95A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DEE5DFA2-BA28-4FA7-B2C8-F2CA43051558}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B255680E-605C-4DD7-A784-9BE3D1897A1E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A708457D-934D-45DE-868D-6F1671A42574}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{7FFDB686-3007-4721-94BE-E2972E1C2AD2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{5EA5288B-99D7-48C7-8D66-9D1D415902BE}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{C79AC99A-4BF1-4100-B8BE-9F1032D02184}C:\users\usuario\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) 
C:\users\usuario\appdata\roaming\bittorrent\bittorrent.exe => Ningún archivo FirewallRules: [UDP Query User{387EE5A1-9D21-4328-B7D8-27AF9AC83BD2}C:\users\usuario\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\usuario\appdata\roaming\bittorrent\bittorrent.exe => Ningún archivo FirewallRules: [TCP Query User{EA7489E5-24DA-4521-888D-25F92490F56C}C:\riot games\league of legends\leagueclientuxrender.exe] => (Allow) C:\riot games\league of legends\leagueclientuxrender.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{3AAA635E-A8DD-458D-B4DF-FC6A5381FD4A}C:\riot games\league of legends\leagueclientuxrender.exe] => (Allow) C:\riot games\league of legends\leagueclientuxrender.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{3FA32044-1BBE-48D3-A28B-273ADE50DE17}] => (Allow) C:\Users\usuario\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{D49B1FC7-EF48-4883-8C3F-065C69C01EC4}] => (Allow) C:\Users\usuario\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo FirewallRules: [{F6025657-4C22-4F09-B02E-BA9B24E8BD09}] => (Allow) C:\Users\usuario\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo FirewallRules: [{CDF33E0A-2503-4746-878E-54A97B16501E}] => (Allow) C:\Program Files\Razer\RzAppEngine\rzappengine.exe (Razer USA Ltd. -> Razer Inc.) 
FirewallRules: [{1AA0117E-F94E-4547-8A74-C2D23C0EC1D2}] => (Allow) C:\Program Files\reWASD\reWASDEngine.exe (SIA AVB Disc Soft -> Disc Soft Ltd) FirewallRules: [{DDA8A0A4-7FAA-4986-B244-A01BFB9FA725}] => (Allow) C:\Program Files\reWASD\reWASDEngine.exe (SIA AVB Disc Soft -> Disc Soft Ltd) FirewallRules: [{0763FA8B-13DC-42BD-B99D-543298F2EC1D}] => (Allow) C:\Program Files\reWASD\reWASD.exe (SIA AVB Disc Soft -> Disc Soft Ltd) FirewallRules: [{DCE63CC2-F122-427C-B7AF-92F5E4BC361B}] => (Allow) C:\Program Files\reWASD\reWASD.exe (SIA AVB Disc Soft -> Disc Soft Ltd) FirewallRules: [{C4C09273-85B5-4D03-B654-B0CF2DA9B224}] => (Allow) LPort=35474 FirewallRules: [{C580A955-82BA-48BD-8301-11E57F0838A4}] => (Allow) LPort=35475 FirewallRules: [{256CC001-2CBF-41F1-B4AE-89965302B609}] => (Allow) LPort=35476 FirewallRules: [TCP Query User{245AB79B-172D-4FB8-8B67-A12CE718E9B1}C:4\game\aoe2de.exe] => (Allow) C:4\game\aoe2de.exe => Ningún archivo FirewallRules: [UDP Query User{4C4B344B-7290-420F-96AD-C5E9BC85E79C}C:4\game\aoe2de.exe] => (Allow) C:4\game\aoe2de.exe => Ningún archivo FirewallRules: [TCP Query User{9B94B16E-34C0-4DF7-A1BB-67A772C55491}C:4\game\battleserver\battleserver.exe] => (Allow) C:4\game\battleserver\battleserver.exe => Ningún archivo FirewallRules: [UDP Query User{2687301D-3E1F-46E5-9F98-28CA72D60C64}C:4\game\battleserver\battleserver.exe] => (Allow) C:4\game\battleserver\battleserver.exe => Ningún archivo FirewallRules: [TCP Query User{63A8ACA7-75C7-4F84-9C26-F0790BE208D5}C:5\game\aoe2de.exe] => (Allow) C:5\game\aoe2de.exe => Ningún archivo FirewallRules: [UDP Query User{2BE9D718-417F-4082-A92F-D3F8DA48FE2E}C:5\game\aoe2de.exe] => (Allow) C:5\game\aoe2de.exe => Ningún archivo FirewallRules: [TCP Query User{2BBDD30C-0391-4B5A-B163-0078205847C8}C:5\game\battleserver\battleserver.exe] => (Allow) C:5\game\battleserver\battleserver.exe => Ningún archivo FirewallRules: [UDP Query User{D70B8781-B611-420A-9B29-53DD8D977BC7}C:5\game\battleserver\battleserver.exe] => 
(Allow) C:5\game\battleserver\battleserver.exe => Ningún archivo FirewallRules: [TCP Query User{3AFC137E-277E-4401-9E6B-6716047D3C98}C:\program files\modifiablewindowsapps\taiko no tatsujin\taiko no tatsujin.exe] => (Allow) C:\program files\modifiablewindowsapps\taiko no tatsujin\taiko no tatsujin.exe => Ningún archivo FirewallRules: [UDP Query User{5597BFA6-A46B-4F98-BD92-603AEF967BB6}C:\program files\modifiablewindowsapps\taiko no tatsujin\taiko no tatsujin.exe] => (Allow) C:\program files\modifiablewindowsapps\taiko no tatsujin\taiko no tatsujin.exe => Ningún archivo FirewallRules: [{7748C2F0-5ED8-4C5D-AF7D-276C72994083}] => (Allow) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5EC40108-91B2-495F-86D1-94CB12CDE4C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{811338FB-CB05-4474-883F-FB7528E0DF5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [TCP Query User{3AB5F1A9-D6D5-40C3-BE61-88A131CDD0D6}C:\users\usuario\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\usuario\appdata\roaming\bittorrent\updates\bittorrent.exe => Ningún archivo FirewallRules: [UDP Query User{36B30B62-F2DC-47BA-8257-E23682DD624C}C:\users\usuario\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\usuario\appdata\roaming\bittorrent\updates\bittorrent.exe => Ningún archivo FirewallRules: [TCP Query User{07B9DBDF-295D-48C5-8A6D-1FC78297F3A5}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. 
-> Riot Games) FirewallRules: [UDP Query User{F88254CA-01B1-479D-9DE4-4A0859DF4B6B}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games) FirewallRules: [{279CBFA2-219D-4E2A-B246-C059B07AEE76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> ) FirewallRules: [{56DD0BD1-83EE-43F2-87E8-D8666BBA960D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> ) FirewallRules: [TCP Query User{081C66B9-E103-4159-A0F0-69AAA8635B72}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{EB032241-5665-46D2-B2E4-343ADF684264}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{DC7F0032-DD32-4013-B1FE-552ED8E796FD}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{4E1384C6-0EFB-43DE-A81C-F43AE5E5FCCD}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{AC5C0E82-01C0-4A41-852D-F4C4ED58BF4A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) 
FirewallRules: [{C033485B-4D39-4400-82F4-E747AAED65AE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{1C0B5809-B520-4D7B-92BB-FC1547A50D79}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{3FE1677D-710E-4DA2-8429-A67092EA217F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{4003C46B-4DEF-47C9-9F35-36533875ABC2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{B447D04D-294C-45FC-9571-BB6C790D7F72}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{DEBCB6F5-1BE7-44FA-B60F-70F94848D31F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{5F7D03D8-5899-47AD-B630-EE6E7C6BA386}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{4566AF38-6619-4701-BA80-BD2C8F119C7A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{681928C1-EEBC-40DA-8069-0A627D2D8CAE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{F15A83DA-766D-44BA-B060-4E2326F81EB4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7F7D009A-95A0-4ABE-83CF-421E0DEF41C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3C87019D-E3F5-46E3-82FF-72BECE626898}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DCC9FD42-BB1E-4F53-8369-C66831E24A25}] => (Allow) C:\Users\usuario\Downloads\Nueva carpeta (7)\KMSPico\AutoPico.exe => Ningún archivo FirewallRules: [{C463701F-8A2F-4EBB-94F8-58631EC6B4EB}] => (Allow) C:\Users\usuario\Downloads\Nueva carpeta (7)\KMSPico\AutoPico.exe => Ningún archivo FirewallRules: [{4A75A2DB-7EAC-49F9-8287-542B59CE202B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{F548B686-B208-439D-A1B8-8C49F5557179}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F233C956-8806-4692-A913-9057CDF6935C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{3C70774D-4E6E-4C1F-ACC1-C060796BB16E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{42949646-0BBD-49C2-8E87-8CC84D275F4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: 
[{A3F5A240-9EAC-4E37-A180-28C0D5E9CD68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E966578A-BA7A-4570-BF3F-5D09E22663C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E2094E20-3E96-4852-B03B-4F0ED6B5DFE6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{71EDE784-C7A9-4E17-96C0-EE7775C15114}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2E723EB3-1A89-44E3-8EFD-00C5A850A9E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{985DCEFD-56C6-453D-A382-4174C2673B11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) ==================== Puntos de Restauración ========================= 21-05-2024 12:04:26 {25AE4E5E-13B6-453C-ADB7-D1BACB9817B6} ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (05/25/2024 08:29:54 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY) Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-URE9Q0L$ a través de https://AMD-KeyId-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority 
\"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sun, 26 May 2024 00:29:53 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: ac29b2a4-d159-4966-ba75-1117abc62163 Método: GET(687ms) Fase: GetCACaps No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (05/25/2024 02:35:15 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY) Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-URE9Q0L$ a través de https://AMD-KeyId-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 25 May 2024 18:35:13 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: b5f9a2c2-3ca2-4216-a473-22e40ba99bae Método: GET(844ms) Fase: GetCACaps No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (05/25/2024 02:34:20 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.. Error: (05/25/2024 02:34:20 PM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.] 
Error: (05/25/2024 02:26:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: El programa ZHPCleaner.exe (versión 2024.5.17.16) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento. Id. de proceso: 31d0 Hora de Inicio: 01daaecf042de850 Hora de finalización: 7 Ruta de la aplicación: C:\Users\usuario\Downloads\ZHPCleaner.exe Id. de informe: 50f82099-59b8-44db-aa05-a06ba9359056 Nombre completo del paquete con errores: Id. de la aplicación relativa al paquete con errores: Tipo de bloqueo: Unknown Error: (05/25/2024 01:46:12 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY) Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-URE9Q0L$ a través de https://AMD-KeyId-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 25 May 2024 17:46:16 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 2f35124e-657c-4ae6-abb0-e6bf77d3fd12 Método: GET(844ms) Fase: GetCACaps No encontrado (404). 
0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (05/25/2024 01:26:07 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY) Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-URE9Q0L$ a través de https://AMD-KeyId-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 25 May 2024 17:26:10 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 0ea10688-b645-43b0-802d-fbf32efb369d Método: GET(719ms) Fase: GetCACaps No encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (05/25/2024 12:34:17 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY) Description: Error en la inicialización de la inscripción de certificados de SCEP para WORKGROUP\DESKTOP-URE9Q0L$ a través de https://AMD-KeyId-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 25 May 2024 16:34:20 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 780c5b62-ce23-4e18-b59b-c1645b4afef6 Método: GET(985ms) Fase: GetCACaps No encontrado (404). 
0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Errores del sistema: ============= Error: (05/26/2024 06:00:00 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: La actualización de arranque seguro no pudo actualizar una variable de arranque seguro con el error -2147020471. Para más información, consulta https://go.microsoft.com/fwlink/?linkid=2169931 Error: (05/26/2024 06:00:01 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: La actualización de arranque seguro no pudo actualizar una variable de arranque seguro con el error -2147020471. Para más información, consulta https://go.microsoft.com/fwlink/?linkid=2169931 Error: (05/25/2024 08:36:36 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: La actualización de arranque seguro no pudo actualizar una variable de arranque seguro con el error -2147020471. Para más información, consulta https://go.microsoft.com/fwlink/?linkid=2169931 Error: (05/25/2024 08:31:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio Google Update Servicio (gupdate) no pudo iniciarse debido al siguiente error: El servicio no respondió a tiempo a la solicitud de inicio o de control. Error: (05/25/2024 08:31:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Google Update Servicio (gupdate). Error: (05/25/2024 08:29:46 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: La actualización de arranque seguro no pudo actualizar una variable de arranque seguro con el error -2147020471. Para más información, consulta https://go.microsoft.com/fwlink/?linkid=2169931 Error: (05/25/2024 08:29:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio GameInput Service terminó inesperadamente. Esto se ha repetido 1 veces. 
Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio. Error: (05/25/2024 08:29:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: El servicio GameInput Service se cerró con el siguiente error: El archivo compuesto GameInput Service se creó con una versión de almacenamiento más reciente. Windows Defender: ================ Date: 2024-05-25 14:25:40 Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {EC1ACCA8-5F8B-4CBB-84DF-C4EF23A5B4D0} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: DESKTOP-URE9Q0L\usuario Date: 2024-05-25 14:24:53 Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nombre: HackTool:Win32/AutoKMS Id.: 2147685180 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Users\usuario\Downloads\123\KMSpico\KMSpico\activate.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: DESKTOP-URE9Q0L\usuario Nombre de proceso: C:\Users\usuario\Downloads\ZHPCleaner.exe Versión de inteligencia de seguridad: AV: 1.411.350.0, AS: 1.411.350.0, NIS: 1.411.350.0 Versión de motor: AM: 1.1.24040.1, NIS: 1.1.24040.1 Date: 2024-05-25 14:24:50 Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado. 
Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKms!pz&threatid=2147890692&enterprise=0 Nombre: HackTool:MSIL/AutoKms!pz Id.: 2147890692 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Users\usuario\Downloads\123\KMSpico\KMSpico\KMSpico\KMSELDI.exe; file:_C:\Users\usuario\Downloads\KSM\KMSpico\KMSpico\KMSpico\KMSELDI.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: DESKTOP-URE9Q0L\usuario Nombre de proceso: C:\Users\usuario\Downloads\ZHPCleaner.exe Versión de inteligencia de seguridad: AV: 1.411.350.0, AS: 1.411.350.0, NIS: 1.411.350.0 Versión de motor: AM: 1.1.24040.1, NIS: 1.1.24040.1 Date: 2024-05-25 14:24:37 Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKms&threatid=2147711767&enterprise=0 Nombre: HackTool:MSIL/AutoKms Id.: 2147711767 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Users\usuario\Downloads\123\KMSpico\KMSpico\KMSELDI.exe; file:_C:\Users\usuario\Downloads\KSM\KMSpico\KMSpico\KMSELDI.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: DESKTOP-URE9Q0L\usuario Nombre de proceso: C:\Users\usuario\Downloads\ZHPCleaner.exe Versión de inteligencia de seguridad: AV: 1.411.350.0, AS: 1.411.350.0, NIS: 1.411.350.0 Versión de motor: AM: 1.1.24040.1, NIS: 1.1.24040.1 Date: 2024-05-25 14:24:36 Description: Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado. 
Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nombre: HackTool:Win32/AutoKMS Id.: 2147685180 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Users\usuario\Downloads\123\KMSpico\KMSpico\activate.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: DESKTOP-URE9Q0L\usuario Nombre de proceso: C:\Users\usuario\Downloads\ZHPCleaner.exe Versión de inteligencia de seguridad: AV: 1.411.350.0, AS: 1.411.350.0, NIS: 1.411.350.0 Versión de motor: AM: 1.1.24040.1, NIS: 1.1.24040.1 Event[0]: Date: 2024-05-25 13:45:11 Description: Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior. Inteligencia de seguridad intentada: Copia de seguridad Código de error: 0x80004004 Descripción del error: Operación anulada Versión de inteligencia de seguridad: 1.411.350.0;1.411.350.0 Versión del motor: 1.1.24040.1 Date: 2024-05-25 13:45:11 Description: Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior. Inteligencia de seguridad intentada: Actual Código de error: 0x80501102 Descripción del error: Problema inesperado. Instala todas las actualizaciones disponibles e intenta iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulta Ayuda y soporte técnico. Versión de inteligencia de seguridad: 1.411.356.0;1.411.356.0 Versión del motor: 1.1.24040.1 Date: 2023-11-01 02:59:20 Description: Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior. Inteligencia de seguridad intentada: Actual Código de error: 0x80501102 Descripción del error: Problema inesperado. 
Instala todas las actualizaciones disponibles e intenta iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulta Ayuda y soporte técnico. Versión de inteligencia de seguridad: 1.399.1651.0;1.399.1651.0 Versión del motor: 1.1.23090.2007 Date: 2023-09-04 16:26:40 Description: Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior. Inteligencia de seguridad intentada: Actual Código de error: 0x80501102 Descripción del error: Problema inesperado. Instala todas las actualizaciones disponibles e intenta iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulta Ayuda y soporte técnico. Versión de inteligencia de seguridad: 1.397.358.0;1.397.358.0 Versión del motor: 1.1.23080.2005 Date: 2023-05-28 18:19:22 Description: Antivirus de Microsoft Defender encontró un error al intentar actualizar la inteligencia de seguridad e intentará revertir a una versión anterior. Inteligencia de seguridad intentada: Actual Código de error: 0x80501102 Descripción del error: Problema inesperado. Instala todas las actualizaciones disponibles e intenta iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulta Ayuda y soporte técnico. Versión de inteligencia de seguridad: 1.389.2608.0;1.389.2608.0 Versión del motor: 1.1.20300.3 CodeIntegrity: =============== Date: 2024-05-26 19:07:30 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Información de la memoria =========================== BIOS: American Megatrends Inc. 5603 10/14/2020 Placa base: ASUSTeK COMPUTER INC. 
PRIME A320M-K
Procesador: AMD Ryzen 5 3400G with Radeon Vega Graphics
Porcentaje de memoria en uso: 41%
RAM física total: 14269.78 MB
RAM física disponible: 8315.32 MB
Virtual total: 16445.78 MB
Virtual disponible: 8728.04 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:446.52 GB) (Free:99.82 GB) (Model: CT480BX500SSD1) NTFS
\\?\Volume{95fdb89b-9959-4992-bb18-afbaf6d4f7af}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{1a324be8-b94b-476e-8dbe-685f82a3e216}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Final de Addition.txt =======================