Avast me muestra un cuadro de "amenaza resuelta" HTML:Script-inf¨(Susp) cada vez que ingreso al navegador

Parte 3:


==================== Información de la memoria =========================== 

BIOS: Insyde Corp. V1.31 06/29/2020
Placa base: CFL Octavia_CFS
Procesador: Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz
Porcentaje de memoria en uso: 71%
RAM física total: 12125.05 MB
RAM física disponible: 3513.91 MB
Virtual total: 19805.05 MB
Virtual disponible: 7076.8 MB

==================== Unidades ================================

Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:96.39 GB) NTFS

\\?\Volume{4a791c73-f3b6-4c16-861b-47c3320bead1}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.56 GB) NTFS
\\?\Volume{0f6c2593-bc0f-4274-8578-6f9d514bec97}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: DCAE3482)

Partition: GPT.

==================== Final de Addition.txt =======================

Hola nuevamente,

Hay bastantes cosas de las que ocuparse en tu equipo :thinking: Si te parece vamos por partes para no saturarte de pasos.

Realiza lo siguiente:

:one: Veo rastros de Norton, por lo que te recomiendo descargar y ejecutar su herramienta de desinstalación:

:two: Descarga y ejecuta Argente registry cleaner: de cualquiera de los siguientes links:

Argente Registry Cleaner - Versión completa

Argente Registry Cleaner - Versión portable

Si al ejecutar te pregunta sobre activar el mantenimiento automático dile que NO. Después has que busque y repare todos los errores que encuentre.

:three: Crea una copia de seguridad del registro con Registry Backup, no importa si es la versión portable o instalable:

Tweaking Registry Backup

  • Después de instalar o descomprimir ejecuta el programa (de ser portable es el ejecutable TweakingRegistryBackup.exe).
  • Asegurate que en la pestaña Registry Backup este todo marcado.
  • En Backup Name puedes dejarlo por defecto o asignar algún nombre
  • Presiona el botón BackUp now

:four: Deshabilita nuevamente tu antivirus: ¿Cómo deshabilitar temporalmente su Antivirus?

:five: En el equipo, con los demás programas cerrados abra el notepad; puede abrirlo en la barra de búsqueda de windows y escribiendo notepad.exe

Posteriormente, copie y pegue este script de reparación dentro del Notepad comenzando en Start y terminando en End:

Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [haleng] => C:\Users\CESARA~1\AppData\Local\Temp\haleng.ex (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\haleng.ex
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [utweb] => "C:\Users\CESAR AUGUSTO\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [asdsdagsda.exe] => C:\Users\CESARA~1\AppData\Local\Temp\1000025001\asdsdagsda.exe (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\1000025001
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\MountPoints2: D - "D:\setup.exe" 
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {05294B83-83D8-474D-92AF-D296176CD509} - System32\Tasks\Opera scheduled Autoupdate 1624391072 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {23B0E12B-9B0D-41D9-AF13-004D09D3E0C9} - System32\Tasks\Firefox Default Browser Agent D2BCC463C39A6988 => C:\Users\CESAR AUGUSTO\AppData\Roaming\acbtsbr.exe (Ningún archivo) <==== ATENCIÓN
Task: {51DD04E2-D717-456B-89AF-4556617CFE34} - System32\Tasks\NortonLifeLock Trial Agent V2 => C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NLOKTrialAgentV2.exe /scheduled (Ningún archivo)
C:\ProgramData\Norton
Task: {8EDC8909-A79B-4A8D-8F68-B84B873EF486} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Ningún archivo)
Task: {CA2B69F0-4B5A-4707-9E03-3C1517A9EA62} - System32\Tasks\Opera scheduled Autoupdate 1624259783 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {FD430763-287C-4A6C-8B3A-EE37967C8D54} - System32\Tasks\mjlooy.exe => C:\Users\CESARA~1\AppData\Local\Temp\b4af406cd1\mjlooy.exe (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\b4af406cd1
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\CESAR AUGUSTO\AppData\Roaming\IDM\idmmzcc5 => no encontrado
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S2 FlexNet Licensing Service; "C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe" [X]
S3 GoogleChromeElevationService; "C:\Program Files\Google\Chrome\Application\97.0.4692.71\elevation_service.exe" [X]
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
2022-01-19 02:34 - 2022-01-22 00:30 - 000002604 _____ C:\WINDOWS\system32\Tasks\mjlooy.exe
2022-01-19 02:34 - 2022-01-20 19:10 - 000000000 ____D C:\Program Files (x86)\ooPWmVcYoOUn
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\uRMdWzxOLxDU2
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\uakOxkYKU
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\LRejWUicAsHpC
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\DnQSPaWaTKoSTCBOKjR
2022-01-19 02:33 - 2022-01-26 14:53 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\fB9oV
2022-01-19 02:33 - 2022-01-19 02:33 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\mC6fU
2022-01-19 02:32 - 2022-01-26 14:53 - 000000000 ____D C:\Program Files\Common Files\RJXHDPBSQE
2022-01-19 02:32 - 2022-01-19 02:32 - 000000000 ____D C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF
2022-01-26 14:53 - 2021-06-21 12:21 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\nW6mI-7yS1k
2022-01-26 14:53 - 2021-06-21 11:18 - 000000000 ____D C:\ProgramData\60
2022-01-26 14:53 - 2021-06-21 11:17 - 000000000 ____D C:\ProgramData\66
2022-01-19 02:32 - 2021-06-21 11:18 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Yandex
2021-06-21 12:31 - 2021-06-21 12:31 - 000000043 _____ () C:\Users\CESAR AUGUSTO\AppData\Roaming\3ffa.3ffa
C:\PROGRAMDATA\60JJKERYYBO5BTQJMQK5NXCBT
C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF
C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M
C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8
C:\PROGRAMDATA\vRjWVZiFJDjxVXVB
AV: Norton Security Ultra (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security Ultra (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
FW: Norton Security Ultra (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security Ultra (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
AlternateDataStreams: C:\Users\CESAR AUGUSTO\Datos de programa:eb92b835a834003ac00ee2632de0e925 [394]
AlternateDataStreams: C:\Users\CESAR AUGUSTO\AppData\Roaming:eb92b835a834003ac00ee2632de0e925 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9270]
SearchScopes: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001 -> DefaultScope {828C1182-676C-438B-886C-A282A60B46E7} URL = 
SearchScopes: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001 -> {828C1182-676C-438B-886C-A282A60B46E7} URL = 

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers 
EmptyTemp:
End
  • Vaya a Archivo y selecciona Guardar Como.
  • En la parte de Codificación elija Unicode o UTF8 según le de la opción.
  • Guárdelo bajo el nombre de fixlist.txt en el escritorio al igual que FRST. Esto es muy importante.

¡:warning:ATENCIÓN! El anterior Script de reparación fue hecho específicamente por un miembro del Staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

  • Ejecute Frst.exe. y presione el botón Fix / Corregir
  • Espere pacientemente a que termine y no use el equipo. Al terminar el equipo podría reiniciarse
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).

Nos traerías el reporte Fixlog.txt con comentarios de como sigue todo. Ya de ahí pasaríamos a la parte dos de las reparaciones.

Saludos

2 Me gusta

Listo amigo, ya hice todo lo que me dijo y este es el reporte de Fixlog.txt :

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 26-01-2022
Ejecutado por CESAR AUGUSTO (27-01-2022 23:26:57) Run:1
Ejecutado desde C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop
Perfiles cargados: CESAR AUGUSTO
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [haleng] => C:\Users\CESARA~1\AppData\Local\Temp\haleng.ex (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\haleng.ex
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [utweb] => "C:\Users\CESAR AUGUSTO\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [asdsdagsda.exe] => C:\Users\CESARA~1\AppData\Local\Temp\1000025001\asdsdagsda.exe (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\1000025001
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\MountPoints2: D - "D:\setup.exe" 
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {05294B83-83D8-474D-92AF-D296176CD509} - System32\Tasks\Opera scheduled Autoupdate 1624391072 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {23B0E12B-9B0D-41D9-AF13-004D09D3E0C9} - System32\Tasks\Firefox Default Browser Agent D2BCC463C39A6988 => C:\Users\CESAR AUGUSTO\AppData\Roaming\acbtsbr.exe (Ningún archivo) <==== ATENCIÓN
Task: {51DD04E2-D717-456B-89AF-4556617CFE34} - System32\Tasks\NortonLifeLock Trial Agent V2 => C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NLOKTrialAgentV2.exe /scheduled (Ningún archivo)
C:\ProgramData\Norton
Task: {8EDC8909-A79B-4A8D-8F68-B84B873EF486} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Ningún archivo)
Task: {CA2B69F0-4B5A-4707-9E03-3C1517A9EA62} - System32\Tasks\Opera scheduled Autoupdate 1624259783 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {FD430763-287C-4A6C-8B3A-EE37967C8D54} - System32\Tasks\mjlooy.exe => C:\Users\CESARA~1\AppData\Local\Temp\b4af406cd1\mjlooy.exe (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\b4af406cd1
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\CESAR AUGUSTO\AppData\Roaming\IDM\idmmzcc5 => no encontrado
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S2 FlexNet Licensing Service; "C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe" [X]
S3 GoogleChromeElevationService; "C:\Program Files\Google\Chrome\Application\97.0.4692.71\elevation_service.exe" [X]
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
2022-01-19 02:34 - 2022-01-22 00:30 - 000002604 _____ C:\WINDOWS\system32\Tasks\mjlooy.exe
2022-01-19 02:34 - 2022-01-20 19:10 - 000000000 ____D C:\Program Files (x86)\ooPWmVcYoOUn
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\uRMdWzxOLxDU2
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\uakOxkYKU
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\LRejWUicAsHpC
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\DnQSPaWaTKoSTCBOKjR
2022-01-19 02:33 - 2022-01-26 14:53 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\fB9oV
2022-01-19 02:33 - 2022-01-19 02:33 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\mC6fU
2022-01-19 02:32 - 2022-01-26 14:53 - 000000000 ____D C:\Program Files\Common Files\RJXHDPBSQE
2022-01-19 02:32 - 2022-01-19 02:32 - 000000000 ____D C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF
2022-01-26 14:53 - 2021-06-21 12:21 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\nW6mI-7yS1k
2022-01-26 14:53 - 2021-06-21 11:18 - 000000000 ____D C:\ProgramData\60
2022-01-26 14:53 - 2021-06-21 11:17 - 000000000 ____D C:\ProgramData\66
2022-01-19 02:32 - 2021-06-21 11:18 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Yandex
2021-06-21 12:31 - 2021-06-21 12:31 - 000000043 _____ () C:\Users\CESAR AUGUSTO\AppData\Roaming\3ffa.3ffa
C:\PROGRAMDATA\60JJKERYYBO5BTQJMQK5NXCBT
C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF
C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M
C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8
C:\PROGRAMDATA\vRjWVZiFJDjxVXVB
AV: Norton Security Ultra (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security Ultra (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
FW: Norton Security Ultra (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security Ultra (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
AlternateDataStreams: C:\Users\CESAR AUGUSTO\Datos de programa:eb92b835a834003ac00ee2632de0e925 [394]
AlternateDataStreams: C:\Users\CESAR AUGUSTO\AppData\Roaming:eb92b835a834003ac00ee2632de0e925 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9270]
SearchScopes: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001 -> DefaultScope {828C1182-676C-438B-886C-A282A60B46E7} URL = 
SearchScopes: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001 -> {828C1182-676C-438B-886C-A282A60B46E7} URL = 

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers 
EmptyTemp:
End
*****************

SystemRestore: On => completado
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\haleng" => no encontrado
"C:\Users\CESARA~1\AppData\Local\Temp\haleng.ex" => no encontrado
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Synchronizer" => no encontrado
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Microsoft\Windows\CurrentVersion\Run\\utweb" => no encontrado
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Microsoft\Windows\CurrentVersion\Run\\asdsdagsda.exe" => no encontrado
"C:\Users\CESARA~1\AppData\Local\Temp\1000025001" => no encontrado
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => eliminado correctamente
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D => eliminado correctamente
C:\ProgramData\NTUSER.pol => movido correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05294B83-83D8-474D-92AF-D296176CD509}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05294B83-83D8-474D-92AF-D296176CD509}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1624391072 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1624391072" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23B0E12B-9B0D-41D9-AF13-004D09D3E0C9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23B0E12B-9B0D-41D9-AF13-004D09D3E0C9}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Firefox Default Browser Agent D2BCC463C39A6988 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Firefox Default Browser Agent D2BCC463C39A6988" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51DD04E2-D717-456B-89AF-4556617CFE34}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51DD04E2-D717-456B-89AF-4556617CFE34}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\NortonLifeLock Trial Agent V2 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NortonLifeLock Trial Agent V2" => eliminado correctamente
C:\ProgramData\Norton => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EDC8909-A79B-4A8D-8F68-B84B873EF486}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EDC8909-A79B-4A8D-8F68-B84B873EF486}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CA2B69F0-4B5A-4707-9E03-3C1517A9EA62}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA2B69F0-4B5A-4707-9E03-3C1517A9EA62}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1624259783 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1624259783" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD430763-287C-4A6C-8B3A-EE37967C8D54}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD430763-287C-4A6C-8B3A-EE37967C8D54}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\mjlooy.exe => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mjlooy.exe" => eliminado correctamente
"C:\Users\CESARA~1\AppData\Local\Temp\b4af406cd1" => no encontrado
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => eliminado correctamente
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Mozilla\SeaMonkey\Extensions\\[email protected]" => eliminado correctamente
HKLM\System\CurrentControlSet\Services\wuauserv => eliminado correctamente
wuauserv => servicio eliminado correctamente
wuauserv => servicio no encontrado.
FlexNet Licensing Service => servicio no encontrado.
GoogleChromeElevationService => servicio no encontrado.
Rockstar Service => servicio no encontrado.
"C:\WINDOWS\system32\Tasks\mjlooy.exe" => no encontrado
C:\Program Files (x86)\ooPWmVcYoOUn => movido correctamente
C:\Program Files (x86)\uRMdWzxOLxDU2 => movido correctamente
C:\Program Files (x86)\uakOxkYKU => movido correctamente
C:\Program Files (x86)\LRejWUicAsHpC => movido correctamente
C:\Program Files (x86)\DnQSPaWaTKoSTCBOKjR => movido correctamente
C:\Users\CESAR AUGUSTO\AppData\LocalLow\fB9oV => movido correctamente
C:\Users\CESAR AUGUSTO\AppData\LocalLow\mC6fU => movido correctamente
C:\Program Files\Common Files\RJXHDPBSQE => movido correctamente
C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF => movido correctamente
C:\Users\CESAR AUGUSTO\AppData\LocalLow\nW6mI-7yS1k => movido correctamente
C:\ProgramData\60 => movido correctamente
C:\ProgramData\66 => movido correctamente
C:\Users\CESAR AUGUSTO\AppData\Local\Yandex => movido correctamente
C:\Users\CESAR AUGUSTO\AppData\Roaming\3ffa.3ffa => movido correctamente
C:\PROGRAMDATA\60JJKERYYBO5BTQJMQK5NXCBT => movido correctamente
"C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF" => no encontrado
C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M => movido correctamente
C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8 => movido correctamente
"C:\PROGRAMDATA\vRjWVZiFJDjxVXVB" => no encontrado
"AV: Norton Security Ultra (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}" => eliminado correctamente
"AV: Norton Security Ultra (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}" => eliminado correctamente
"FW: Norton Security Ultra (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}" => eliminado correctamente
"FW: Norton Security Ultra (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}" => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => no encontrado
C:\Users\CESAR AUGUSTO\Datos de programa => ":eb92b835a834003ac00ee2632de0e925" ADS eliminado correctamente
"C:\Users\CESAR AUGUSTO\AppData\Roaming" => ":eb92b835a834003ac00ee2632de0e925" ADS no encontrado.
C:\Users\Public\Shared Files => ":VersionCache" ADS eliminado correctamente
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{828C1182-676C-438B-886C-A282A60B46E7} => eliminado correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 3 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 4 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.

Adaptador de Ethernet Radmin VPN:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : fdfd::1a48:c78a
   V¡nculo: direcci¢n IPv6 local. . . : fe80::941a:51a4:7d4b:fab6%14
   Direcci¢n IPv4. . . . . . . . . . . . . . : 26.72.199.138
   M scara de subred . . . . . . . . . . . . : 255.0.0.0
   Puerta de enlace predeterminada . . . . . : 26.0.0.1

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 4:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.34
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de Ethernet Conexi¢n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2001:0:34e2:8f5c:cba:1b65:45ad:fdc3
   V¡nculo: direcci¢n IPv6 local. . . : fe80::cba:1b65:45ad:fdc3%13
   Puerta de enlace predeterminada . . . . . : 

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{07A7B829-101C-4C66-A1DC-AA55AC9C6225} canceled.
1 out of 1 jobs canceled.

========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26441040 B
Java, Flash, Steam htmlcache => 527325819 B
Windows/system/drivers => 4307498 B
Edge => 1008487 B
Chrome => 1205741071 B
Firefox => 22176233 B
Opera => 14611121 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 183318 B
NetworkService => 45664250 B
CESAR AUGUSTO => 229842702 B

RecycleBin => 1059 B
EmptyTemp: => 1.9 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 23:28:18 ====

El aviso de avast me sigue apareciendo, y bueno, ya que me estan ayudando, hay otro problema que tambien vino desde que descargué el virus, el cual es que hay aplicaciones que no se inician automáticamente cuando antes si lo hacían, he mirado más al respecto y me di cuenta que en el apartado de administrador de tareas en la parte de inicio, que es donde uno podia ver las aplicaciones, no me aparece ninguna, me sale en blanco, no sé si sepan algo sobre eso.

Saludos.

Hola nuevamente,

¿El aviso te lo da el antivirus en una página en específico o en cualquiera?

Realiza lo siguiente (si necesitas imprime, saca captura o revisa las siguientes instrucciones desde tu móvil):

:one: Descarga DrWeb Cureit:

Dr.Web CureIt! | InfoSpyware >> Manual de Uso

Ejecuta Drweb según su manual considerando lo siguiente::

  • Ejecuta un análisis personalizado con los parámetros que indica el manual
  • Asegurate de poner el reporte en mínimo como indica el manual
  • Curas, Mueves y Eliminas, lo que encuentre según te de la opción y con ese orden de preferencia.
  • Si te detecta el archivo Hosts puedes permitir que DrWeb lo restaure.
  • Al terminar, revisa el manual en la sección Informe de análisis obtener la parte del reporte que nos interesa.

:two: Descarga y descomprime Windows Repair Portable en cualquier lugar de fácil acceso.

Tweaking.com - Windows Repair Portable

  1. Ve a la carpeta del programa y abre Repair_Windows. Espera a que inicie y compruebe que el programa esta integro.
  2. Una vez abierto ve a la pestaña que dice Step 4: (Optional)
  3. Presiona el botón Check. Se abrirá una ventana negra que comenzara un escaneo, espera a que termine.
  4. Al terminar te indicará si encontró algún problema o no. Podrás cerrar la ventana presionando enter.Si alguno te pide reiniciar procedes.
    • En caso de que encuentre errores ve a la barra de búsqueda y escribe cmd y elige la primera aplicación que aparezca. Se abrirá una ventana negra. Copia y pega el siguiente código:
findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop\sfcdetails.txt"

Esto generará un reporte en tu escritorio llamado sfcdetails. Por favor trae su contenido o adjúntalo en un mensaje.

:three: Inicia en modo seguro: Iniciar el PC en modo seguro

:four: Abre la carpeta de Windows Repair e inicia Repair_Windows. Espera a que inicie y ve a la pestaña Repairs-Main y selecciona la opción Open Repairs.

Se abrirá la ventana de reparaciones. En esta, dirígete al listado de la parte izquierda y marca las siguientes casillas:

  • 01 - Reset Registry Permissions
  • 02 - Reset File Permissions
  • 03 - Reset Service Permissions
  • 04 - Register SystemFiles
  • 05 - Repair WMI
  • 06 - Repair Windows Firewall
  • 10 - Remove Policies set by Infections
  • 13 - Repair Network
  • 14 - Remove Temp Files
  • 16 - Repair Windows Update
  • 18 - Repair Volume Shadow Copy Service
  • 20 - Repair MSI (Windows Installer)
  • 23 - Repair Windows Safe Mode
  • 25 - Restore Important Windows Services
  • 26 - Set Windows Services to default Startup
  • 29 - Repair Windows COM+ Unmarshalers
  • 31 - Restore UAC (User Account Control) Settings
  • 32 - Repair Performance Counters

Ya con esto seleccionado das en Start Repairs. Espera pacientemente a que termine. Una vez que lo haga reinicia en modo normal.

Nos traerías:

  • La parte final del reporte de Dr Web
  • De haber encontrado problemas nos traerías el archivo sfcdetails del paso :two:
  • Respuesta a mi duda y comentarios de como sigue el equipo.

Saludos

Hola nuevamente,

El reporte de Dr web:


Total 419532447836 bytes in 1684650 files scanned (3313982 objects)
Total 1684595 files (3313682 objects) are clean
Total 19 files are infected
Total 280 files are raised error condition
Scan time is 01:36:15.775

-----------------------------------------------------------------------------
Start curing
-----------------------------------------------------------------------------

No hubo problemas en el paso 2, y con respecto a tu duda, es cuando entro en cualquier página, sin importar de que sea: El equipo en general no he sentido cambios, sigue apareciéndome la alerta y lo que te comenté de las aplicaciones siguen sin iniciar automáticamente y me aparece en blanco lo de inicio igual

1 me gusta

Hola nuevamente,

El programa dice que detecto infecciones. ¿Las has eliminado? Revisa esa parte del reporte para revisar si vienen listados antes o después. Me interesaría saber que detecto. Si no puedes o no viene esa parte confirma si pudiste eliminarlos

También revisa en Windows update si hay alguna actualización disponible: Actualizar Windows - Soporte técnico de Microsoft

Recomiendo instalar cualquier cosa pendiente aunque lo principal es comprobar si puedes comprobar y que este funcionando.

De forma adicional, repite el escaneo con FRST de esta respuesta → Avast me muestra un cuadro de "amenaza resuelta" HTML:Script-inf¨(Susp) cada vez que ingreso al navegador - nº 9 por ErdrickBass

Nos traerías nuevos reportes. Al ser bastante grandes puedes adjuntarlos:

Un saludo

Hola, la verdad no sé como ver los archivos, lo que si es seguro es que los eliminé cuando hice la limpieza. Había unas cuantas actualizaciones y reparaciones de windows, ya las apliqué y los reportes nuevos son estos:

  1. Frst.txt :
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 26-01-2022
Ejecutado por CESAR AUGUSTO (administrador) sobre LAPTOP-PKMCITN5 (Acer Nitro AN515-54) (28-01-2022 20:03:50)
Ejecutado desde C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop
Perfiles cargados: CESAR AUGUSTO
Plataforma: Microsoft Windows 10 Home Versión 20H2 19042.1466 (X64) Idioma: Español (México)
Navegador predeterminado: Edge
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Discord Inc. -> Discord Inc.) C:\Users\CESAR AUGUSTO\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe
(GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba355e1f8cdccc52\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba355e1f8cdccc52\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a84f31b20764b965\OneApp.IGCC.WinService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a6f2bd19df3d42e0\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a6f2bd19df3d42e0\IntelCpHeciSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_a9a8972288e9f3b5\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\OneDrive\22.002.0103.0004\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\82.0.4227.50\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\opera.exe <28>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Skutta, Kristjan -> ) C:\Program Files (x86)\wallpaper_engine\bin\wallpaperservice32_c.exe
(Skutta, Kristjan -> ) C:\Program Files (x86)\wallpaper_engine\wallpaper32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSysSvc64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1093872 2020-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe [1464728 2019-01-31] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [221992 2020-12-09] (Autodesk, Inc. -> Autodesk)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2020-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-10] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2109824 2021-12-20] (Famatech Corp. -> Famatech Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Discord] => C:\Users\CESAR AUGUSTO\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [MicrosoftEdgeAutoLaunch_B6F392562D1EC895C9A9054596D11568] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Print\Monitors\EPSON L575 Series 64MonitorBE: C:\Windows\system32\E_YLMBMTE.DLL [180224 2014-03-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-26] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0A241CEB-410F-47D2-9B9D-A244AED8993D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0DAA99BE-B328-4A05-AD87-74D0FFB106A0} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615899705 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {1349AF54-8542-482E-8DF6-1468CE1A9F7A} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211136 2019-01-09] (Acer Incorporated -> Acer Incorporated)
Task: {13F8992E-0787-421E-8F51-A5963FB3F490} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-23] (Google LLC -> Google LLC)
Task: {198EC9DC-1712-4207-A390-C83D67CED7C5} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
Task: {1DCA5B2B-01DA-43E7-8C97-5981269B93EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F77793D-AA50-4F10-B9A8-A914B7ACC60F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {22109985-6699-4588-A002-69CC77337C26} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {22556C22-BD91-4776-89D2-388D85253577} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-23] (Google LLC -> Google LLC)
Task: {249BF8D8-C803-4EBE-B814-D83184833351} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268096 2019-01-09] (Acer Incorporated -> Acer Incorporated)
Task: {25752A4F-8265-49BA-AB7A-A0B95B3921F7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {26765FE8-1C67-4D8E-A4F9-1D0C9A8AA4CB} - System32\Tasks\Opera GX scheduled Autoupdate 1608758439 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software)
Task: {26BDF35B-FFAF-4F10-950E-E05C6C46744F} - System32\Tasks\Opera scheduled assistant Autoupdate 1624259789 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {2848D67B-B468-42C9-8F9A-2764624705E5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {3995513C-F385-4C33-B6A1-767D11F62D71} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {3C86CD53-AE7E-45AC-9569-31E277B3A2B5} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {45635272-3F1F-4306-9ABF-BF1E5305B323} - System32\Tasks\GoTrust ID Driver => C:\Program Files\GoTrust ID Plugin\Resource\GO-Trust_ID_Driver.exe [63488 2019-08-02] (GoTrustID Inc. -> )
Task: {4C8B1A94-7BD1-42C8-AEC5-F56EB8D944F9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4FC6407D-F6EC-4C72-8D37-F60EDB6F2AB5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5668B6C4-BD04-44A3-9E78-D99339F18A84} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5F649278-A052-42CE-A2C6-96BE4C73E512} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {5F8B70F6-3B6E-465B-888E-63FD75193946} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2962984 2020-07-27] (Acer Incorporated -> )
Task: {5FA511A7-2184-42B8-94C7-7A72677FE001} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7148287A-5EAE-418F-9830-1596AEB4A588} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7615CD46-3B45-44EA-A2C4-0138C6CFE988} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2019-07-18] (Acer Incorporated -> Acer Incorporated)
Task: {764BEBE5-FEEF-4E79-878B-738996D37990} - System32\Tasks\Opera scheduled assistant Autoupdate 1624391081 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {8D21E0E2-D11C-4E6F-86D7-BE5D98E2A98E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {97FC14C4-98D0-4D97-844C-0AF0D670AE5C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2022-01-19] (Avast Software s.r.o. -> Avast Software)
Task: {9A383A7F-8E4D-4115-9ADC-5084E1D5ABCF} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [42024 2020-07-27] (Acer Incorporated -> )
Task: {9D416725-2AC0-435F-9603-28FF7671286C} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [601904 2019-07-19] (Acer Incorporated -> Acer Incorporated)
Task: {9DDA5E13-467B-4B04-8B3C-F125E2A7559B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F9ED5F0-31B2-491E-882E-9AA16815C330} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4829224 2020-07-27] (Acer Incorporated -> )
Task: {A005E184-334C-4814-9B1D-C84DE454E937} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {BAC2E6E7-89A9-4640-A8D5-C51499FA08D2} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {C01A2ECD-FB7B-4C94-AAF3-06B4EE97383A} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {D6796CB2-1B5B-484D-B09D-BF244EB3152A} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4191328 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC0A48B6-18A0-40EA-B870-11007E5437C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2C2598A-3DF4-4736-B357-A1F80347D000} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {E2F96AEF-C57E-4968-BBE5-7B737E3D0B2E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E574E134-AE74-4BC7-A397-11AD60F14E7D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FF4878B0-2DB8-47F7-B52A-1C4427715D33} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => Ningún archivo 
Tcpip\Parameters: [DhcpNameServer] 190.157.8.100 190.157.8.101
Tcpip\..\Interfaces\{e0d22745-d32f-4482-84fc-3856f54941cb}: [DhcpNameServer] 190.157.8.100 190.157.8.101

Edge: 
=======
Edge Profile: C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-28]
Edge Extension: (T-Сashback — кэшбэк-сервис) - C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odbmjgikedenicicookngdckhkjbebpd [2022-01-28]
Edge HKLM-x32\...\Edge\Extension: [odbmjgikedenicicookngdckhkjbebpd]

FireFox:
========
FF DefaultProfile: lc7ad3c0.default
FF ProfilePath: C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\lc7ad3c0.default [2022-01-27]
FF ProfilePath: C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\m2lglfcg.default-release [2022-01-27]
FF Extension: (Español (España) Language Pack) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\m2lglfcg.default-release\Extensions\[email protected] [2020-11-30]
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-27]
CHR HomePage: System Profile -> hxxps://www.google.com/
CHR StartupUrls: System Profile -> "hxxps://www.google.com/"
CHR Extension: (YoutubeDownloader) - C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-01-19] [UpdateUrl:hxxps://clients75.google.com/service/update2/crx] <==== ATENCIÓN
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

Opera: 
=======
OPR Profile: C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable [2022-01-27]
OPR DefaultSearchKeyword: Opera Stable -> find-it.pro
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-21]
OPR Extension: (YoutubeDownloader) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\pdfbhfjldacbdamjhomkgomeialekbng [2022-01-19]
StartMenuInternet: (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001) Opera GXStable - "C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300584 2020-07-27] (Acer Incorporated -> Acer Incorporated)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-10] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2020-11-17] (Autodesk, Inc. -> Autodesk)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1720088 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2021-02-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2022-01-17] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-12] (Epic Games Inc. -> Epic Games, Inc.)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [17301280 2022-01-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [17408 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [246272 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [820016 2019-07-19] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-09-10] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated -> Acer Incorporated)
R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1058688 2021-12-20] (Famatech Corp. -> Famatech Corp.)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [528160 2022-01-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14676264 2021-06-11] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2019-01-10] (Acer Incorporated -> Acer Incorporated)
R2 Wallpaper Engine Service; C:\Program Files (x86)\wallpaper_engine\bin\wallpaperservice32_c.exe [127648 2021-06-18] (Skutta, Kristjan -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2022-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2021-03-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2021-03-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [76744 2022-01-28] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-03] (Realtek Semiconductor Corp. -> Realtek)
R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2021-04-30] (Famatech Corp. -> Famatech Corp.)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [232792 2021-09-05] (Valve Corp. -> Valve Corporation)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-01-28 19:51 - 2022-01-28 19:51 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-01-28 18:57 - 2022-01-28 18:57 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-28 18:57 - 2022-01-28 18:57 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-28 18:57 - 2022-01-28 18:57 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-28 18:56 - 2022-01-28 18:56 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2022-01-28 18:56 - 2022-01-28 18:56 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-01-28 18:56 - 2022-01-28 18:56 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-01-28 18:56 - 2022-01-28 18:56 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-01-28 18:56 - 2022-01-28 18:56 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-01-28 18:56 - 2022-01-28 18:56 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-01-28 18:49 - 2022-01-28 18:49 - 000000000 ___HD C:\$WinREAgent
2022-01-28 18:38 - 2022-01-28 18:38 - 000001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-01-28 18:38 - 2022-01-28 18:38 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-01-28 14:44 - 2022-01-28 14:44 - 007333288 _____ (Tweaking.com) C:\Users\CESAR AUGUSTO\Downloads\tweaking.com_registry_backup_setup.exe
2022-01-28 14:44 - 2022-01-28 14:44 - 000019887 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2022-01-28 14:44 - 2022-01-28 14:44 - 000002316 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2022-01-28 14:44 - 2022-01-28 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2022-01-28 14:44 - 2022-01-28 14:44 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2022-01-28 11:16 - 2022-01-28 11:16 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-LAPTOP-PKMCITN5-Windows-10-Home-(64-bit).dat
2022-01-28 11:16 - 2022-01-28 11:16 - 000000000 ____D C:\RegBackup
2022-01-28 11:15 - 2022-01-28 11:15 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-01-28 11:09 - 2022-01-28 11:10 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\Tweaking.com - Windows Repair
2022-01-28 03:20 - 2022-01-28 03:20 - 021882800 _____ (Intel Corporation) C:\Users\CESAR AUGUSTO\Downloads\setuprst.exe
2022-01-28 02:20 - 2022-01-28 10:23 - 000000000 ____D C:\Users\CESAR AUGUSTO\Doctor Web
2022-01-28 02:19 - 2022-01-28 02:19 - 265026960 ____N C:\Users\CESAR AUGUSTO\Downloads\gw4oto4a.exe
2022-01-27 23:29 - 2022-01-28 19:53 - 000076744 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2022-01-27 21:49 - 2022-01-27 21:49 - 000000112 ___SH C:\bootTel.dat
2022-01-27 15:38 - 2022-01-27 23:20 - 000000000 ____D C:\Program Files\Argente - Registry Cleaner
2022-01-27 15:38 - 2022-01-27 21:54 - 000000988 _____ C:\Users\Public\Desktop\Argente - Registry Cleaner.lnk
2022-01-27 15:38 - 2022-01-27 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Argente - Registry Cleaner
2022-01-27 15:14 - 2022-01-27 15:14 - 000023689 _____ C:\Users\CESAR AUGUSTO\Downloads\Calculos laboratorio péndulo.xlsx
2022-01-26 14:35 - 2022-01-26 14:35 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\mbam
2022-01-26 14:20 - 2022-01-26 14:25 - 000000000 ____D C:\AdwCleaner
2022-01-24 21:27 - 2022-01-28 19:53 - 023855104 _____ C:\WINDOWS\system32\config\SYSTEM
2022-01-24 17:51 - 2022-01-28 20:04 - 000000000 ____D C:\FRST
2022-01-20 21:10 - 2022-01-20 21:10 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Straight Back Games
2022-01-20 20:09 - 2022-01-27 13:04 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\sh5ldr
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2022-01-20 20:08 - 2022-01-20 20:08 - 000000000 ____D C:\Program Files\EnigmaSoft
2022-01-20 01:55 - 2022-01-20 01:55 - 000000000 ___HD C:\$SysReset
2022-01-20 00:12 - 2022-01-20 00:36 - 000000000 ____D C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Documents\Descargas
2022-01-20 00:09 - 2022-01-20 00:11 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\Descargas
2022-01-19 23:39 - 2022-01-19 23:39 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Intel
2022-01-19 23:25 - 2022-01-28 03:26 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2022-01-19 23:25 - 2022-01-19 23:25 - 000000000 ____D C:\Program Files\Common Files\Intel
2022-01-19 23:23 - 2022-01-19 23:23 - 000000000 ____D C:\Users\CESAR AUGUSTO\Intel
2022-01-19 23:14 - 2022-01-22 00:30 - 000003030 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2022-01-19 23:14 - 2022-01-22 00:30 - 000002738 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2022-01-19 23:14 - 2022-01-22 00:30 - 000002664 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2022-01-19 23:14 - 2021-07-23 11:36 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2022-01-19 23:01 - 2022-01-19 23:01 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Skype
2022-01-19 23:00 - 2020-10-05 14:16 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\IRST_Intel_17.5.2.1024_W10x64
2022-01-19 22:42 - 2022-01-19 22:42 - 000000100 _____ C:\Users\CESAR AUGUSTO\Downloads\Epic Games Account Two-Factor backup codes.txt
2022-01-19 14:46 - 2022-01-19 14:46 - 000637152 _____ C:\Users\CESAR AUGUSTO\Downloads\2190211_CamScanner 11-05-2020 11.26.21.pdf
2022-01-19 14:14 - 2022-01-19 14:14 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-01-19 14:13 - 2022-01-19 14:13 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2022-01-19 14:13 - 2022-01-19 08:45 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-01-19 09:40 - 2022-01-19 09:40 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-19 08:52 - 2022-01-19 08:52 - 000000000 ___HD C:\$AV_ASW
2022-01-19 08:47 - 2022-01-24 17:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Avast Software
2022-01-19 08:46 - 2022-01-19 14:13 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-19 08:46 - 2022-01-19 08:46 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Avast Software
2022-01-19 08:46 - 2022-01-19 08:46 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-01-19 08:46 - 2022-01-19 08:45 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-01-19 08:46 - 2022-01-19 08:45 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-01-19 08:46 - 2022-01-19 08:45 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-01-19 08:45 - 2022-01-19 08:45 - 000000000 ____D C:\Program Files\Avast Software
2022-01-19 02:33 - 2022-01-19 19:36 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Green
2022-01-19 02:33 - 2022-01-19 08:48 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\UUID
2022-01-19 02:33 - 2022-01-19 02:33 - 006174399 _____ C:\Users\CESAR AUGUSTO\AppData\LocalLow\MlHPtNgvzv1.zip
2022-01-19 02:33 - 2022-01-19 02:33 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\discord_files
2022-01-19 02:32 - 2022-01-19 02:32 - 000916735 _____ (SQLite Development Team) C:\Users\CESAR AUGUSTO\AppData\LocalLow\sqlite3.dll
2022-01-19 02:07 - 2022-01-26 20:03 - 000000000 ____D C:\Program Files (x86)\Radmin VPN
2022-01-19 02:07 - 2022-01-19 02:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin VPN
2022-01-19 01:16 - 2022-01-19 01:16 - 054683722 _____ C:\Users\CESAR AUGUSTO\Downloads\0 BusquedaenScopus.mp4
2022-01-16 22:29 - 2022-01-16 22:29 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Landfall West
2022-01-16 20:31 - 2022-01-16 19:41 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\NUEVOS MODS
2022-01-16 19:41 - 2022-01-16 20:09 - 037209024 _____ C:\Users\CESAR AUGUSTO\Downloads\NUEVOS MODS.rar
2022-01-16 18:13 - 2022-01-16 18:17 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\Stardew Valley v1.5.4 - LBvinicius02
2022-01-16 17:04 - 2022-01-17 12:35 - 000000000 ____D C:\Program Files\7-Zip
2022-01-16 17:04 - 2022-01-16 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-01-16 17:01 - 2022-01-16 17:26 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\SILLYAUTHORITYSoft
2022-01-15 17:01 - 2022-01-15 17:01 - 000000000 ____D C:\WINDOWS\Panther
2022-01-14 23:22 - 2022-01-14 23:22 - 000002060 _____ C:\Users\Public\Desktop\TLauncher.lnk
2022-01-14 23:22 - 2022-01-11 07:25 - 000710776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-01-14 23:21 - 2022-01-16 20:40 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\.minecraft
2022-01-14 23:21 - 2022-01-16 20:16 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\.tlauncher
2022-01-14 23:21 - 2022-01-14 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2022-01-14 23:21 - 2022-01-11 07:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001467872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001206400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 001529512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 001179096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 000797096 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 000710824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-01-14 23:21 - 2022-01-11 07:25 - 000637864 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 002119792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 001601144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 000983208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 000455792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-01-14 23:21 - 2022-01-11 07:23 - 008609920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-01-14 23:21 - 2022-01-11 07:23 - 005734568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-01-14 23:21 - 2022-01-11 07:23 - 002934696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-01-14 23:21 - 2022-01-11 07:22 - 000850088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-01-14 23:21 - 2022-01-10 18:54 - 000089178 _____ C:\WINDOWS\system32\nvinfo.pb
2022-01-10 23:30 - 2022-01-10 23:30 - 000207030 _____ C:\Users\CESAR AUGUSTO\Downloads\11__Fisica_Semana_2_Periodo_2.pdf
2022-01-08 19:51 - 2022-01-08 19:51 - 042684853 _____ C:\Users\CESAR AUGUSTO\Downloads\MAX BURGER MENÚ.pdf
2022-01-06 13:22 - 2022-01-06 13:22 - 000499120 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2022-01-06 13:22 - 2022-01-06 13:22 - 000431920 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000943464 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000704288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000589184 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000455616 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000448392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000373696 _____ C:\WINDOWS\system32\ze_loader.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000142272 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2022-01-06 13:20 - 2022-01-06 13:20 - 027888024 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2022-01-06 13:20 - 2022-01-06 13:20 - 020630424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2022-01-06 13:19 - 2022-01-06 13:19 - 000356824 _____ C:\WINDOWS\system32\ControlLib.dll

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-01-28 19:58 - 2021-03-31 12:14 - 001761304 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-28 19:58 - 2020-12-04 08:26 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-28 19:58 - 2019-12-07 10:03 - 000770064 _____ C:\WINDOWS\system32\perfh00A.dat
2022-01-28 19:58 - 2019-12-07 10:03 - 000148566 _____ C:\WINDOWS\system32\perfc00A.dat
2022-01-28 19:58 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-28 19:56 - 2021-09-30 18:15 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\discord
2022-01-28 19:55 - 2021-06-11 16:00 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Discord
2022-01-28 19:55 - 2020-12-01 07:19 - 000000000 ___RD C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER
2022-01-28 19:55 - 2020-11-29 23:31 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-28 19:54 - 2020-11-30 07:02 - 000000000 __SHD C:\Users\CESAR AUGUSTO\IntelGraphicsProfiles
2022-01-28 19:54 - 2020-09-11 01:06 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-28 19:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-28 19:53 - 2021-06-22 15:03 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-28 19:53 - 2021-03-31 12:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-28 19:53 - 2021-03-31 12:06 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-28 19:53 - 2021-03-13 11:00 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-28 19:53 - 2020-09-11 00:30 - 000000000 ___HD C:\Intel
2022-01-28 19:53 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-28 19:53 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-28 19:53 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-28 19:52 - 2021-03-31 12:06 - 000534416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-28 19:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\es-MX
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-01-28 19:51 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-28 19:50 - 2021-04-25 23:31 - 000003314 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72650cda261e2
2022-01-28 19:50 - 2021-03-31 12:12 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-28 19:50 - 2021-03-31 12:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-28 19:50 - 2020-12-02 07:31 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-28 19:00 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-28 18:43 - 2019-12-07 10:05 - 000000000 ____D C:\WINDOWS\OCR
2022-01-28 18:42 - 2020-12-04 08:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-01-28 18:41 - 2020-12-04 08:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-28 18:38 - 2020-12-04 08:21 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-28 18:36 - 2021-06-05 16:56 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\obs-studio
2022-01-28 15:05 - 2021-03-31 12:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-28 15:05 - 2020-11-29 23:39 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\D3DSCache
2022-01-28 15:03 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-28 12:20 - 2021-03-31 12:07 - 000000000 ____D C:\Users\CESAR AUGUSTO
2022-01-28 03:34 - 2020-11-30 19:02 - 000000000 ____D C:\ProgramData\Autodesk
2022-01-27 23:28 - 2021-10-06 03:58 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Temp
2022-01-27 15:44 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-26 14:53 - 2021-06-21 18:37 - 000000000 ____D C:\Program Files\Stellar Data Recovery
2022-01-26 14:53 - 2021-06-21 11:17 - 000000000 ____D C:\Program Files (x86)\Company
2022-01-26 14:25 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-01-26 14:09 - 2020-12-23 18:35 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-26 14:05 - 2021-06-21 11:21 - 021233664 _____ C:\WINDOWS\system32\C_32770.NLS
2022-01-24 17:02 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 00:31 - 2020-11-30 12:55 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\CrashDumps
2022-01-22 00:30 - 2021-12-11 11:00 - 000003126 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2694221440-3033398545-1844018541-1001
2022-01-22 00:30 - 2021-06-27 17:45 - 000002234 _____ C:\WINDOWS\system32\Tasks\NitroSense
2022-01-22 00:30 - 2021-06-24 12:24 - 000002650 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-01-22 00:30 - 2021-06-22 14:44 - 000003982 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1624391081
2022-01-22 00:30 - 2021-06-21 02:16 - 000003982 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1624259789
2022-01-22 00:30 - 2021-04-06 09:39 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2694221440-3033398545-1844018541-1001
2022-01-22 00:30 - 2021-04-06 09:10 - 000003438 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{60644F42-85B0-4A4F-A239-78B3764B8658}
2022-01-22 00:30 - 2021-03-31 12:12 - 000004362 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2022-01-22 00:30 - 2021-03-31 12:12 - 000003910 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled assistant Autoupdate 1615899705
2022-01-22 00:30 - 2021-03-31 12:12 - 000003642 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1608758439
2022-01-22 00:30 - 2021-03-31 12:12 - 000003546 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-22 00:30 - 2021-03-31 12:12 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-22 00:30 - 2021-03-31 12:12 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003322 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-22 00:30 - 2021-03-31 12:12 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:27 - 2021-04-06 09:39 - 000002456 _____ C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-21 00:41 - 2020-11-30 07:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Packages
2022-01-20 22:31 - 2021-09-07 13:05 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Ubisoft Game Launcher
2022-01-20 21:28 - 2020-11-29 23:36 - 000000000 ____D C:\Program Files (x86)\Epic Games
2022-01-20 20:59 - 2020-09-11 00:37 - 000000000 ____D C:\Program Files (x86)\Intel
2022-01-20 20:59 - 2020-09-11 00:35 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-20 19:01 - 2020-12-29 12:26 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-01-19 23:41 - 2020-09-11 00:35 - 000000000 ____D C:\Program Files\Intel
2022-01-19 23:39 - 2020-09-11 00:36 - 000000000 ____D C:\ProgramData\Intel
2022-01-19 23:14 - 2020-11-30 07:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Intel
2022-01-19 14:49 - 2019-11-06 02:46 - 000000000 ___HD C:\OEM
2022-01-19 13:34 - 2021-07-01 22:14 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Telegram Desktop
2022-01-19 09:40 - 2020-11-30 14:50 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom
2022-01-19 08:21 - 2020-12-24 18:53 - 000192736 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-01-19 08:21 - 2020-12-24 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-01-19 08:21 - 2020-12-24 18:53 - 000000000 ____D C:\Program Files\Java
2022-01-19 03:12 - 2020-11-30 13:03 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\StardewValley
2022-01-19 02:34 - 2019-03-18 23:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-01-17 16:20 - 2020-12-05 19:10 - 000000000 ____D C:\Program Files\Epic Games
2022-01-16 21:58 - 2021-09-07 13:05 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2022-01-16 21:58 - 2021-09-07 13:05 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2022-01-16 18:15 - 2021-06-26 10:55 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2022-01-16 18:15 - 2020-11-30 13:00 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2022-01-15 17:10 - 2020-12-01 00:08 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-14 23:31 - 2020-12-24 19:06 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\NVIDIA
2022-01-13 22:37 - 2020-11-30 16:32 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Adobe
2022-01-12 15:44 - 2021-11-26 14:56 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-11 07:24 - 2020-12-04 08:34 - 000792688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-01-11 07:23 - 2021-09-30 11:30 - 007713392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-01-11 07:23 - 2021-09-30 11:30 - 005099176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-01-11 07:21 - 2021-09-30 11:30 - 006455824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-01-11 07:21 - 2020-12-04 08:34 - 007610232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-01-02 00:28 - 2021-07-06 14:42 - 000001451 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-29 11:40 - 2021-11-30 22:15 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Unity

==================== Archivos en la raíz de algunos directorios ========

2021-06-21 11:20 - 2021-06-21 11:20 - 000000558 _____ () C:\Users\CESAR AUGUSTO\AppData\Local\bowsakkdestx.txt
2021-07-17 13:04 - 2021-07-17 13:04 - 000007603 _____ () C:\Users\CESAR AUGUSTO\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================
  1. Adition.txt : No cabe todo el informe por lo que lo pondre en dos partes. parte 1:
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-01-2022
Ejecutado por CESAR AUGUSTO (28-01-2022 20:05:58)
Ejecutado desde C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop
Microsoft Windows 10 Home Versión 20H2 19042.1466 (X64) (2021-03-31 17:12:29)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-2694221440-3033398545-1844018541-500 - Administrator - Disabled)
CESAR AUGUSTO (S-1-5-21-2694221440-3033398545-1844018541-1001 - Administrator - Enabled) => C:\Users\CESAR AUGUSTO
DefaultAccount (S-1-5-21-2694221440-3033398545-1844018541-503 - Limited - Disabled)
Invitado (S-1-5-21-2694221440-3033398545-1844018541-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2694221440-3033398545-1844018541-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\uTorrent) (Version: 3.5.5.46038 - BitTorrent Inc.)
7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{E3930B59-5669-4BAB-A329-D56C1427C613}) (Version: 3.3.19180.100 - Acer)
Acer Network Optimizer (HKLM-x32\...\{3C8FA4F4-8471-4C60-9002-9B9F78B7B483}) (Version: 4 - Acer)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.2.0.34 - Autodesk)
Aplicaciones de Microsoft 365 para empresas - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.14729.20260 - Microsoft Corporation)
Aplicaciones destacadas de Autodesk 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
Argente - Registry Cleaner 3.1.2.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.2.0 - Raúl Argente)
AutoCAD 2021 - Español (Spanish) (HKLM\...\{28B89EEF-4101-040A-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Autodesk Advanced Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{C9FDA270-A0B9-45EE-8748-F37DF1370767}) (Version: 19.1.23.0 - Autodesk)
Autodesk Advanced Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{7E78B513-B354-4833-8897-3ED5C515D30F}) (Version: 20.3.7.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2021 (HKLM-x32\...\{AB7DC10F-1D72-4F90-988F-CDC2D6323A48}) (Version: 19.1.23.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2022 (HKLM-x32\...\{EEAD8CC3-B6B7-4D4B-AF0D-4BBD3D93D67C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2022 (HKLM-x32\...\{493ACC3C-3ABF-4CBB-8F6E-E4433090A589}) (Version: 20.3.7.0 - Autodesk)
Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
Autodesk AutoCAD 2021 - Español (Spanish) (HKLM\...\AutoCAD 2021 - Español (Spanish)) (Version: 24.0.47.0 - Autodesk)
Autodesk Cloud Models for Revit 2021 (HKLM\...\{AA384BE4-2101-0030-0000-97E7D7D021A1}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Genuine Service (HKLM\...\{1C5DB7B1-CE18-438C-B071-3AD6B8ADA5A0}) (Version: 4.4.0.85 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{8C559572-4A10-43C2-9346-6E7C7E012487}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library 2022 (HKLM-x32\...\{A9221A68-5AD0-4215-B54F-CB5DBA4FB27C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{EFC36459-CD89-44F3-BA04-B7C5804199AF}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{6256584F-B04B-41D4-8A59-44E70940C473}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2021 (HKLM-x32\...\{AD6312B6-3056-460A-833F-02654FAC5FCE}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2022 (HKLM-x32\...\{490259AE-1021-4BED-B74B-162151EC45C7}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2021 (HKLM-x32\...\{69D8FFED-B14E-4998-BBC2-535006E195D6}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2022 (HKLM-x32\...\{8300AA3F-6ADF-4233-A1FB-73B1894102F0}) (Version: 20.3.7.0 - Autodesk)
Autodesk Revit 2021 (HKLM\...\{AA3C5F33-570B-3989-8542-D5DC0F759221}) (Version: 21.1.21.45 - Autodesk, Inc.)
Autodesk Revit 2021 Revit MEP Imperial Content (HKLM\...\{80B2AAE7-4B04-4BDE-B545-DA0298C548FD}) (Version: 2.2 - Autodesk) Hidden
Autodesk Revit 2021 Revit MEP Metric Content (HKLM\...\{18FAFC92-6F7A-4894-ACD1-19EC6C4E639B}) (Version: 2.2 - Autodesk) Hidden
Autodesk Revit Content Core 2021 (HKLM\...\{583895D0-2021-0410-0000-9241AD002DA5}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Core-RVT 2021 (HKLM\...\{CC7D1ED0-2021-0410-0000-1CC925969102}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Core-RVT 2021 (HKLM-x32\...\{1aa4d703-a089-48e4-b1d0-ae8e867add5f}) (Version: 21.0.0.0 - Autodesk) Hidden
Autodesk Revit Content Essential-CHS 2021 (HKLM\...\{848BACE1-2021-2052-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-CHT 2021 (HKLM\...\{848BACE1-2021-1028-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-CSY 2021 (HKLM\...\{848BACE1-2021-1029-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-DEU 2021 (HKLM\...\{848BACE1-2021-1031-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-DEU 2021 (HKLM-x32\...\{435bd39b-3dd5-416c-92fa-3c74410c8ea0}) (Version: 21.0.0.0 - Autodesk) Hidden
Autodesk Revit Content Essential-ENG 2021 (HKLM\...\{848BACE1-2021-2057-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-ENU 2021 (HKLM\...\{848BACE1-2021-1033-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-ENU 2021 (HKLM-x32\...\{cc2718e8-7490-46e0-b667-2d7b41238bc6}) (Version: 21.0.0.0 - Autodesk) Hidden
Autodesk Revit Content Essential-ESP 2021 (HKLM\...\{848BACE1-2021-1034-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-FRA 2021 (HKLM\...\{848BACE1-2021-1036-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-ITA 2021 (HKLM\...\{848BACE1-2021-1040-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-JPN 2021 (HKLM\...\{848BACE1-2021-1041-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-KOR 2021 (HKLM\...\{848BACE1-2021-1042-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-PLK 2021 (HKLM\...\{848BACE1-2021-1045-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-PTB 2021 (HKLM\...\{848BACE1-2021-1046-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-RUS 2021 (HKLM\...\{848BACE1-2021-1049-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Unit Schemas 2021 (HKLM\...\{CDCC6F31-2021-4912-8E9B-D562B70697B6}) (Version: 21.1.21.45 - Autodesk)
Autodesk Revit Unit Schemas 2022 (HKLM\...\{CDCC6F31-2022-4901-8E9B-D562B70697B6}) (Version: 22.0.2.392 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{B9F5BDED-021C-4926-8518-4FA7114B7040}) (Version: 12.3.3.1803 - Autodesk)
Autodesk Spanish Content for Revit 2022 (HKLM\...\{205C6D76-2022-1034-B227-DC6376F702DC}) (Version: 22.1.0.406 - Autodesk) Hidden
Autodesk Spanish Content for Revit LT 2022 (HKLM\...\{CE9E7254-2022-1034-A79C-D96B1058992D}) (Version: 22.1.0.407 - Autodesk) Hidden
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Batch Print for Autodesk Revit 2021 (HKLM\...\{82AF00E4-2101-0010-0000-FCE0F87021A1}) (Version: 21.1.21.45 - Autodesk) Hidden
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3019 - Acer Incorporated)
Comprobación de estado de PC Windows (HKLM\...\{75741B4B-FC87-494A-A380-0EBA06DB89F9}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Discord (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Documentation Manager (HKLM\...\{E80BFF97-B9A6-41B6-8686-7A7CC235AB91}) (Version: 22.100.1.1 - Intel Corporation) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Dynamic Application Loader Host Interface Service (HKLM\...\{D492644D-815B-48F6-B079-6E1FE92FCFDE}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Enscape (HKLM\...\{205B2C56-8CA7-402C-A8B8-D614F8795204}) (Version: 3.1.2.55592 - Enscape GmbH)
Epic Games Launcher (HKLM-x32\...\{5EDB15EA-8B3E-4C51-AE28-7BFFE25208C2}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
EPSON L575 Series Printer Uninstall (HKLM\...\EPSON L575 Series) (Version:  - SEIKO EPSON Corporation)
eTransmit for Autodesk Revit 2021 (HKLM\...\{4477F08B-2101-0010-0000-9A09D83421A1}) (Version: 21.1.21.45 - Autodesk) Hidden
FormIt Converter For Revit 2021 (HKLM\...\{6865122A-3762-2021-A6C8-89011772ADA2}) (Version: 21.1.19.1 - Autodesk) Hidden
Generative Design For Revit (HKLM\...\{9001EBB9-B3FE-4A10-BA1C-DCBE352FCC57}) (Version: 21.11.1.0 - Autodesk)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
GoTrust ID Plugin 2.0.10.26 (HKLM\...\GoTrust ID Plugin) (Version: 2.0.10.26 - GoTrust ID Inc.)
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.53.3) (Version: 9.53.3 - Artifex Software Inc.)
Guardar en la versión web y para dispositivos móviles de Autodesk (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Hollow Knight MULTi2 - ElAmigos versión 1.4.3.2 (HKLM-x32\...\{1CD3BBBF-DF40-4A2B-9580-F1021E575C2C}_is1) (Version: 1.4.3.2 - Team Cherry)
Intel(R) Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel(R) Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation)
Intel(R) Computing Improvement Program (HKLM-x32\...\{56000ce0-6041-44e2-b87e-810aa3c8c54f}) (Version: 2.4.7642 - Intel Corporation) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{31949e15-2f6e-4f85-8280-9228b2ba14a9}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1946.12.0.1328 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6911 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1007 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1915.1 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001100-0220-1034-84C8-B8D95FA3C8C3}) (Version: 22.100.1.1 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{84a8d138-a6e7-4326-b967-45bd6df40976}) (Version: 22.100.1.1 - Intel Corporation) Hidden
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MATLAB R2021b (HKLM\...\Matlab R2021b) (Version: 9.11 - MathWorks)
Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.76 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30129 (HKLM-x32\...\{b8c00579-2fe5-46b7-9752-8a13e5be7155}) (Version: 14.29.30129.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.9 (x86) (HKLM-x32\...\{adb8593e-4b1d-48bf-a86f-d39db017d999}) (Version: 3.1.9.29323 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\MiKTeX) (Version: 20.11 - MiKTeX.org)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
NitroSense Service (HKLM\...\{6FC78E80-6385-43D6-8A43-FA80094F1A2E}) (Version: 3.01.3012 - Acer Incorporated)
NVIDIA Controlador de audio HD 1.3.39.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 511.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.23 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.0.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
OpenStudio CLI For Revit 2021 (HKLM\...\{3BD91CC3-CA0A-4B3D-8950-C21BABFAF61F}) (Version: 0.1.17 - NREL)
OpenStudio CLI For Revit 2022 (HKLM\...\{7F84EE71-7DAF-4CEE-B063-FA3C931E1206}) (Version: 1.0.3 - NREL)
Opera GX Stable 82.0.4227.50 (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Opera GX 82.0.4227.50) (Version: 82.0.4227.50 - Opera Software)
OWN3D for OBS Studio version 1.4.7.0 (HKLM\...\{31A72556-7590-4678-AB69-96D602C95C02}}_is1) (Version: 1.4.7.0 - Own3d media GmbH)
Personal Accelerator for Revit (HKLM\...\{6E1DC831-145C-4FB6-97CC-714AB058D840}) (Version: 22.0.5.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 22.0.5.0 - Autodesk)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3017 - Acer Incorporated)
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Radmin VPN 1.2.1 (HKLM-x32\...\{4F6D003D-E674-4019-A4B5-CD632584CFE8}) (Version: 1.2.4457 - Famatech)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Revit 2021 (HKLM\...\{7346B4A0-2100-0510-0000-705C0D862004}) (Version: 21.1.21.45 - Autodesk) Hidden
Spanish Content for Autodesk Revit 2022 (HKLM\...\{1429076C-210B-3749-B574-5E1389A74BFE}) (Version: 22.1.0.406 - Autodesk, Inc.)
Spanish Content for Autodesk Revit LT 2022 (HKLM\...\{6EF2C3C6-747B-3663-B73A-08E186776A3B}) (Version: 22.1.0.407 - Autodesk, Inc.)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.12.22.273 - EnigmaSoft Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Data Recovery (HKLM\...\Stellar Data Recovery_is1) (Version: 9.0.0.3 - Stellar Information Technology Pvt Ltd.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.19.3 - TeamViewer)
Telegram Desktop version 3.4.3 (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.4.3 - Telegram FZ-LLC)
Texmaker 5.0.4 (64-bit) (HKLM-x32\...\{A0BF9BD0-B576-47A7-B650-0204CB190D28}) (Version: 5.0.4.0 - Texmaker)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.839 - TLauncher Inc.)
Tracker (HKLM-x32\...\OSP Tracker) (Version: 5.1.5 - Open Source Physics)
TranslucentTB (HKLM-x32\...\TranslucentTB_is1) (Version: 9.0.0.0 - TranslucentTB Open Source Developers)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 4.0.0 - Tweaking.com)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
User Experience Improvement Program Service (HKLM\...\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}) (Version: 4.00.3106 - Acer Incorporated)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Worksharing Monitor for Autodesk Revit 2021 (HKLM\...\{5063E738-2101-0010-0000-7B7B9AB021A1}) (Version: 21.1.21.45 - Autodesk) Hidden
XSplit Gamecaster (HKLM-x32\...\{CAC84AB6-6C1D-41C5-A21C-1D48889E9C3B}) (Version: 3.4.1812.0308 - SplitmediaLabs)
Zoom (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Acer Collection S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollectionS_1.0.3004.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3024.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3019.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Corporation)
Dropbox - promoción -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2021-06-21] (Dropbox Inc.)
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2021-06-21] (GoTrustID Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-06-21] (INTEL CORP)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-06-21] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Studios) [MS Ad]
NitroSense_V31 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseV31_3.1.3012.0_x64__48frkmn4z8aw4 [2021-06-27] (Acer Incorporated)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2022-01-14] (NVIDIA Corp.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2021-06-21] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2021-06-21] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3017.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-12-03] (Adobe Systems Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2021-10-06] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-21] (Spotify AB) [Startup Task]
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3106.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-06-21] (VideoLAN)
Waves MaxxAudio For Acer -> C:\Program Files\WindowsApps\WavesAudio.20761030F5EAC_1.0.67.0_x64__fh4rh281wavaa [2021-06-21] (Waves Audio)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{04271989-C4D2-A882-C56E-8AF8B5E46641} -> [OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER] => C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER [2020-12-01 07:19]
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\es-ES\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Archivo no firmado] [El archivo está en uso]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Archivo no firmado] [El archivo está en uso]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\nvshext.dll [2022-01-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /K ""C:\Users\CESAR AUGUSTO\anaconda3\Scripts\activate.bat" "C:\Users\CESAR AUGUSTO\anaconda3""

==================== Módulos cargados (Lista blanca) =============

2021-07-23 11:36 - 2021-07-23 11:36 - 002122240 _____ (SQLite Development Team) [Archivo no firmado] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer (Lista blanca) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\sharepoint.com -> hxxps://correouisedu-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-03-18 23:49 - 2022-01-19 02:32 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\MATLAB\R2021b\runtime\win64;C:\Program Files\MATLAB\R2021b\bin;
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 190.157.8.100 - 190.157.8.101
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "pac"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "haleng"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\StartupFolder: => "3ffadc7a.exe"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\Run: => "Prun"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{7DD623D5-A736-4BAE-B6E5-E84E5A9AB613}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [TCP Query User{86DB1E87-F925-410E-8375-991BADBE17F3}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [UDP Query User{AF784F14-1608-4B38-AFE1-31E95BB3E365}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{E83627EC-A38A-4933-86D7-28B44C7124A0}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [Archivo no firmado]
FirewallRules: [{9EDBFB53-B974-4AE9-B2BA-A34F9651E19D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{FFED554E-7F8E-4B11-B42D-9FC87325C997}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{4DFCBE12-14D8-4EF7-A86F-CF8113A1864C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{83F373BA-058E-42FC-B263-D1256AB00DCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{B202223C-95A7-4772-9483-6BE1C1BB114B}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [TCP Query User{E48FB5BC-CA48-4052-8849-44B34E6B0F79}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [{6C0509D6-F7C0-41CD-A5DF-44230EFDC5AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E82137A8-6F20-419E-A5B9-64182717C143}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{480B5EC9-D5FC-4BF5-9A45-30BF684B73A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1FFD07AB-5AC3-4FB0-8EB3-E9126883C078}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{5A59DF9E-E70D-48BB-AFD0-08A8499229D9}C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7B430523-D3F0-479B-9011-3C0D9DBE073D}C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B00C0C0-9E1E-40B6-BAFF-86DB177998B7}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B7AE1EC3-D051-45DD-822F-7B27E5B9FFA7}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FDA7A803-3D7A-4132-BA79-1F9ADEF631A0}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4ADC6AA0-3534-407C-A15F-60522E96C191}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{7F174C44-AC8E-477A-A212-E2CFF94C0B8F}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{961565F1-D8C2-4394-A32B-3B32D2BAB44C}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{2BF584AC-748B-4855-822F-EED04FF05B00}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{5286D2D3-385A-49CD-924F-F288408E73A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23242948-F517-4452-BB8D-306F11735E46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{0298A04E-09CB-4D0C-AD0D-27DFC46D63D6}C:\users\cesar augusto\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\cesar augusto\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{AE9330D9-F763-43D3-85BC-7366181C74C8}C:\users\cesar augusto\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\cesar augusto\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{712BD8F8-FFF9-4F2B-AB64-8E7C35CE17FA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DED540D5-3D1D-49E0-8585-79828EC63152}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8DBCF1AA-83CE-4A45-B132-6B60CAE91120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B78DA11A-FC07-4F4E-91F3-DAEF62FE1FAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B0CB1EF-4F20-46CA-9661-0D918C79F86A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF1DEEC9-4803-45C7-A63B-54515D028310}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1625E223-DC2E-44DE-A6AC-34508ACABCAA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C91F8DD-1DD3-488D-BB42-300834FF8D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E91EDEB2-6474-4529-9C02-96D7DD0EA03E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{774E1860-4277-4022-B583-BEF928970504}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B51C9AA-7E01-45D8-B84A-4A73ECC143BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5F98CDD4-04B2-41A4-B318-BED14D2EF3CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC1E7772-4614-4767-A335-5BD6AEB1CB12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F53367EA-96A9-4B45-BF52-55E97BCE88CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B8848F53-D656-4C2B-BADD-B4FF97E2E7E4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8F4FF402-59D1-40E2-88D5-3A319D69B356}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8B4CFAF7-65CB-4A10-A878-3840B98FB06E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{522FFD23-BBEB-4A60-B8F6-A15CAF0A0AE4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5170F499-4AEF-4FEA-891D-26C1840A6392}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F251A822-F938-45A3-8768-7AD04A6F2963}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{FD658DF9-9E34-49B6-815C-C2A2769FF6C7}C:\program files\epic games\amongus\among us.exe] => (Allow) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{E34710D9-2C2C-4409-A160-F21AB021F48D}C:\program files\epic games\amongus\among us.exe] => (Allow) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [{2890BC1C-E569-455D-8211-E982B544B1B7}] => (Block) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [{9F11DF56-7E11-4FB3-A033-46D7FB71429F}] => (Block) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{912510BB-29C8-4F4A-BBF4-EC7DC5EE83B9}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{C3CE7BB2-16EA-407E-AA1C-E8434C6B6BB7}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{487C9CFE-B61E-44C4-B8BD-AFF9704F670B}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{0CF33E77-C4FF-4090-B5C4-1E3D4D0C5756}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{2F0F62C0-C291-4947-BE7B-95BDD90FF8FA}C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [UDP Query User{8F306B49-04FA-4BE3-AF12-4DF3B6A963BE}C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [{77B5691F-731D-4B70-BCC4-5C53944A8D6B}] => (Block) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [{CC93057B-AC04-41FE-9023-37C7ADE7EC7B}] => (Block) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [TCP Query User{002AB36E-3388-40F6-BE7C-EE0FE04C5B07}C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{D4DE275E-E014-46E8-B375-E16691FC12A8}C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E369195B-2092-4356-99F5-557EDA3EE683}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{3B52EAD9-D646-44E2-9AF8-10E9D89C77C3}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{ECFF8A5A-8A27-4BF5-9610-AD8197A5725C}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{A43EE680-DC7F-490E-92D8-CDE76C656583}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{2F775916-0BC1-401E-A0A6-FB9FADC1E66A}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{7C843BC3-C788-4558-8A01-EF6F6836F34B}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{9B5EB4D2-FA08-45D4-A737-682FBA2670CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Archivo no firmado]
FirewallRules: [{ED2BF18B-A7F8-4D32-96D4-FD39B677FD60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Archivo no firmado]
FirewallRules: [{2C765929-1E68-44A6-95F4-F1174E6943A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{73AEB755-41DD-4B50-AB75-B1F0976C2D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [TCP Query User{CC05642F-6560-4D64-B1F6-0DCA8EF80A23}C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{A102873C-AA38-4243-AA37-6EA59C23AD6F}C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{B72B5323-5A8B-426C-AE71-B41C90245D4B}] => (Block) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{7D0FB500-F6CA-4096-803A-863C60CFBADB}] => (Block) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{41EE41A4-E632-4D5D-A0F3-1C6EC847101E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A908FC3F-002A-4A17-9C84-5FEFA47436A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C41B3630-E56C-4B54-B0E9-AC183D29217D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3648D681-3985-4CD8-8D68-051C1DD28260}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{00DE08E9-6D69-4F72-898E-A9B641C45C98}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{137EE273-46D8-416D-843F-C2E8FB653A91}C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{8AB92D63-1657-400F-8546-F36522E13BD8}C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{15789780-86AE-477F-A553-205D9AFFAFB3}] => (Block) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{20963D63-8735-44F7-ACBC-3CCF414F5CFD}] => (Block) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{737BEBA2-F9A8-4722-893B-D1AFBF68E717}C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{59CBC86E-AF1E-48EB-B89E-3F19DC017AA4}C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{DB1063CC-E700-4CC9-9BFD-56C5B79A2203}] => (Block) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{64C765A2-F6BA-409D-8EB6-5FC0B3D18CA3}] => (Block) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{7AB3E4F7-A67B-42DF-8923-996A63648B83}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2B4E5E94-6CF2-413C-BB8D-31F266D63DB0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CCE0872-BAC2-4270-B602-31D97B3A981E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8836F4DF-307B-4A9C-A639-E1F28E903C1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{DD1B23D1-5E2F-4019-B92A-3C272F1A3265}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{4EA6B41B-660F-4393-B478-458327949712}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [Archivo no firmado]
FirewallRules: [{958AA167-741C-40CF-B274-6DF2006A594D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{4D6B66E0-40A1-452C-990B-8F2438DB975E}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{539A913D-AD08-4D80-AE81-296FA3AA0682}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{31E6BFA9-80F5-412B-A264-0D6CE45C8641}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{3181C7C3-D9F9-4FAD-8DAC-076797B93A99}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{A5163E51-4754-4B37-BEBA-0B40FE36E82E}] => (Allow) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.)
FirewallRules: [TCP Query User{8C0600D8-10C0-429E-B880-56936C103AE3}C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe] => (Allow) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [UDP Query User{58A7C90C-6228-474D-85FF-B25BD31F8E27}C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe] => (Allow) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [{7C54A6AF-9956-4394-A318-6D36AADC6B7A}] => (Block) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [{09F36F46-E608-4985-A756-6620FAD09AA5}] => (Block) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [{4C3AD855-3C45-443D-B0B1-CA9921C75444}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{3B7CC10B-F5DB-43E4-BD32-AEF3900F5A65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1CCD0BBB-CAE2-4069-9868-0597AC8239F5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{602B2C85-B6AA-4650-96E7-A5024FAC450A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D1E083A2-678D-4BDD-B944-292EEF866CD2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5D8EF0BF-4683-48FD-95C4-3A9CCC1C6A5F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8CD809C4-68ED-44C4-AA1F-0E57E2D084BE}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{F28159F5-8EA3-42F9-A04E-E50480E00395}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{777572C1-1D3A-4EB3-B48E-3111D160C349}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{E7B2ED9F-A0B1-45E6-B1CB-0091DBAEE77D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{A07EC104-E526-4335-8881-AF270A1B28C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devour\DEVOUR.exe () [Archivo no firmado]
FirewallRules: [{E654CF2E-5928-4DD6-B08B-1A70F9D854B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devour\DEVOUR.exe () [Archivo no firmado]
FirewallRules: [{AB407CB7-6A03-467F-BF7B-3EAE6E5D974F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo
FirewallRules: [{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo
FirewallRules: [{01DF0815-250E-4BEF-A399-C43432F6D46B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo
FirewallRules: [{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo

==================== Puntos de Restauración =========================

28-01-2022 18:41:52 Instalador de Módulos de Windows
28-01-2022 18:42:51 Instalador de Módulos de Windows
28-01-2022 18:48:39 Instalador de Módulos de Windows
28-01-2022 18:49:13 Instalador de Módulos de Windows
  1. Adition.txt parte 2:
==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/28/2022 07:54:30 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: El subárbol del usuario se carga mediante otro proceso (bloqueo del registro) nombre del proceso: C:\Program Files\Avast Software\Avast\aswToolsSvc.exe, PID: 4268, ProfSvc PID: 2168.

Error: (01/28/2022 06:43:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa SystemSettings.exe (versión 10.0.19041.1023) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 4448

Hora de Inicio: 01d8147e9f045abe

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Id. de informe: a88d8818-5f1e-4901-b265-f0f242400ae6

Nombre completo del paquete con errores: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

Id. de la aplicación relativa al paquete con errores: microsoft.windows.immersivecontrolpanel

Tipo de bloqueo: Quiesce

Error: (01/28/2022 03:03:18 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (01/28/2022 12:20:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -1023.

Error: (01/28/2022 12:20:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Catalog Database (5156,R,98) Catalog Database: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\CatRoot2\edb.log.

Error: (01/28/2022 12:20:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -1023.

Error: (01/28/2022 12:20:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -1023.

Error: (01/28/2022 12:20:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -1023.


Errores del sistema:
=============
Error: (01/28/2022 08:03:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Browser no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (01/28/2022 08:03:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Browser.

Error: (01/28/2022 08:03:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Browser no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (01/28/2022 08:03:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Browser.

Error: (01/28/2022 08:03:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Browser no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (01/28/2022 08:03:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Browser.

Error: (01/28/2022 08:03:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Browser no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (01/28/2022 08:03:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Browser.

Windows Defender:
================
Date: 2022-01-19 08:40:01
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Raccoon.DM!MTB&threatid=2147810746&enterprise=0
Nombre: Trojan:Win32/Raccoon.DM!MTB
Id.: 2147810746
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\CESAR AUGUSTO\AppData\Roaming\acbtsbr
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: LAPTOP-PKMCITN5\CESAR AUGUSTO
Nombre de proceso: C:\Windows\System32\svchost.exe
Versión de inteligencia de seguridad: AV: 1.355.2164.0, AS: 1.355.2164.0, NIS: 1.355.2164.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-19 08:33:17
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Raccoon.DM!MTB&threatid=2147810746&enterprise=0
Nombre: Trojan:Win32/Raccoon.DM!MTB
Id.: 2147810746
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\CESAR AUGUSTO\AppData\Roaming\acbtsbr
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: LAPTOP-PKMCITN5\CESAR AUGUSTO
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.355.2164.0, AS: 1.355.2164.0, NIS: 1.355.2164.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-19 02:35:17
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0
Nombre: VirTool:Win32/DefenderTamperingRestore
Id.: 2147741622
Gravedad: Grave
Categoría: Herramienta
Ruta de acceso: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.355.2069.0, AS: 1.355.2069.0, NIS: 1.355.2069.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-19 02:33:39
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PWS:MSIL/RedLine.GG!MTB&threatid=2147772078&enterprise=0
Nombre: PWS:MSIL/RedLine.GG!MTB
Id.: 2147772078
Gravedad: Grave
Categoría: Programa de interceptación de contraseñas
Ruta de acceso: amsi:_\Device\HarddiskVolume3\Users\CESAR AUGUSTO\AppData\Roaming\Green\neofim.exe; amsi:_\Device\HarddiskVolume3\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Pictures\Adobe Films\FLXvVmEjL_4mggFAv_Jy745C.exe; amsi:_\Device\HarddiskVolume3\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Pictures\Adobe Films\HoDiy8FDmrDQuXRxWAZjXGch.exe; amsi:_\Device\HarddiskVolume3\Users\CESARA~1\AppData\Local\Temp\a8df190b-3458-49f7-935b-f16c02a175c8.exe; amsi:_\Device\HarddiskVolume3\Users\CESARA~1\AppData\Local\Temp\cb2faade-4a49-40a6-96b3-77a1ee7a32ab.exe
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: AMSI
Usuario: LAPTOP-PKMCITN5\CESAR AUGUSTO
Nombre de proceso: C:\Users\CESAR AUGUSTO\AppData\Roaming\Green\neofim.exe
Versión de inteligencia de seguridad: AV: 1.355.2069.0, AS: 1.355.2069.0, NIS: 1.355.2069.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-19 02:33:15
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Ransom:Win32/StopCrypt.PAH!MTB&threatid=2147810520&enterprise=0
Nombre: Ransom:Win32/StopCrypt.PAH!MTB
Id.: 2147810520
Gravedad: Grave
Categoría: Ransomware
Ruta de acceso: file:_C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\Windows\INetCache\IE\L84HDXGG\empty[1]
Origen de detección: Internet
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: LAPTOP-PKMCITN5\CESAR AUGUSTO
Nombre de proceso: C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Pictures\Adobe Films\SWeSKmQ_w49capVQ3Sb8x7_o.exe
Versión de inteligencia de seguridad: AV: 1.355.2069.0, AS: 1.355.2069.0, NIS: 1.355.2069.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4
Event[0]:

Date: 2022-01-07 18:52:59
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.355.1471.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18800.4
Código de error: 0x80080005
Descripción del error: Error en la ejecución de servidor 

Date: 2022-01-04 23:09:47
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.355.1369.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18800.4
Código de error: 0x80070102
Descripción del error: Tiempo de espera de la operación de espera agotado. 

Date: 2022-01-04 11:19:47
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.355.1369.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18800.4
Código de error: 0x80080005
Descripción del error: Error en la ejecución de servidor 

Date: 2022-01-03 13:03:41
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.355.1258.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18800.4
Código de error: 0x80080005
Descripción del error: Error en la ejecución de servidor 

Date: 2021-12-30 16:53:04
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.355.1066.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18800.4
Código de error: 0x80080005
Descripción del error: Error en la ejecución de servidor 

CodeIntegrity:
===============
Date: 2022-01-28 19:57:46
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-01-28 19:54:48
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Información de la memoria =========================== 

BIOS: Insyde Corp. V1.31 06/29/2020
Placa base: CFL Octavia_CFS
Procesador: Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz
Porcentaje de memoria en uso: 64%
RAM física total: 12125.05 MB
RAM física disponible: 4266.08 MB
Virtual total: 19293.05 MB
Virtual disponible: 9495.9 MB

==================== Unidades ================================

Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:102.11 GB) NTFS

\\?\Volume{4a791c73-f3b6-4c16-861b-47c3320bead1}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.51 GB) NTFS
\\?\Volume{0f6c2593-bc0f-4274-8578-6f9d514bec97}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: DCAE3482)

Partition: GPT.

==================== Final de Addition.txt =======================

Hola nuevamente

Como recordatorio, mientras estemos en desinfección al estar trabajando con FRST evitemos la instalación de programas, especialmente los de desinfección. Ya que puede ser contra producente.

Realiza lo siguiente:

:one: Desisntala el siguiente programa:

  • SpyHunter 5

Puedes usar Revo Unisntaller: Manual de Revo Uninstaller

:two: Crea otra copia de seguridad del registro con Registry Backup

:three: Deshabilita nuevamente tu antivirus: ¿Cómo deshabilitar temporalmente su Antivirus?

:four: En el equipo, con los demás programas cerrados abra el notepad; puede abrirlo en la barra de búsqueda de windows y escribiendo notepad.exe

Posteriormente, copie y pegue este script de reparación dentro del Notepad comenzando en Start y terminando en End:

Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [17301280 2022-01-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [528160 2022-01-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [76744 2022-01-28] (EnigmaSoft Limited -> EnigmaSoft Limited)
2022-01-27 23:29 - 2022-01-28 19:53 - 000076744 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2022-01-20 20:09 - 2022-01-27 13:04 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\sh5ldr
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2022-01-20 20:08 - 2022-01-20 20:08 - 000000000 ____D C:\Program Files\EnigmaSoft
2022-01-19 02:33 - 2022-01-19 02:33 - 006174399 _____ C:\Users\CESAR AUGUSTO\AppData\LocalLow\MlHPtNgvzv1.zip
2021-06-21 11:20 - 2021-06-21 11:20 - 000000558 _____ () C:\Users\CESAR AUGUSTO\AppData\Local\bowsakkdestx.txt
HKLM\...\StartupApproved\Run32: => "haleng"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\StartupFolder: => "3ffadc7a.exe"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\Run: => "Prun"
%Temp%\*.*
FirewallRules: [{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo
FirewallRules: [{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo
FirewallRules: [{01DF0815-250E-4BEF-A399-C43432F6D46B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo
FirewallRules: [{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\TaskManager
Folder: C:\Users\CESAR AUGUSTO\AppData\Roaming
Folder: C:\Users\CESAR AUGUSTO\AppData\LocalLow
Folder: C:\Users\CESAR AUGUSTO\AppData\Local
Folder: C:\ProgramData
Folder: C:\Program Files (x86)
Folder: C:\Program Files\Common Files
Folder: C:\Program Files

CMD: ipconfig /flushdns
CMD: ipconfig /renew
End
  • Vaya a Archivo y selecciona Guardar Como.
  • En la parte de Codificación elija Unicode o UTF8 según le dé la opción.
  • Guárdelo bajo el nombre de fixlist.txt en el escritorio al igual que FRST. Esto es muy importante.

¡:warning:ATENCIÓN! El anterior Script de reparación fue hecho específicamente por un miembro del Staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

  • Ejecute Frst.exe. y presione el botón Fix / Corregir
  • Espere pacientemente a que termine y no use el equipo. Al terminar el equipo podría reiniciarse
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).

:five: En la barra de búsqueda escribe cmd y en la primera opción que aparezca da clic derecho y elige Ejecutar como administrador. Se abrirá una ventana negra. Copia y pega los siguientes comandos línea por línea:

dism /online /cleanup-image /restorehealth

dism /online /cleanup-image /startcomponentcleanup

sfc /scannow

Si alguno te pide reiniciar procedes. Revisa si el ultimo comando te informa si encontro alguna infracción y si la pudo reparar. Si encontró y copia y pega este otro comando:


findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop\sfcdetails.txt"

Esto generará un reporte en tu escritorio llamado sfcdetails. Por favor trae su contenido o adjúntalo en un mensaje.

Nos traerías:

  • El reporte de FRST
  • De haber encontrado algún problema sfc después de la operación de los comandos anteriores nos comentas y adjuntas el reporte creado

Saludos

1 me gusta

Hola de nuevo, Cabe aclarar que el spyhunter 5 ya lo tenía descargado, igualmente ya lo desinstalé.

Hice los otros pasos, y me imagino que el reporte que te refieres es al Fixlog.txt , no hubo problemas al ejecutar los comandos del paso 5. Sin embargo, el reporte es demasiado largo y creo que tendría que hacer como 4 partes, así que de momento esperaré tu confirmación y te pasaré el que pediste suponiendo que no te confundiste o algo:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 26-01-2022
Ejecutado por CESAR AUGUSTO (administrador) sobre LAPTOP-PKMCITN5 (Acer Nitro AN515-54) (28-01-2022 20:03:50)
Ejecutado desde C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop
Perfiles cargados: CESAR AUGUSTO
Plataforma: Microsoft Windows 10 Home Versión 20H2 19042.1466 (X64) Idioma: Español (México)
Navegador predeterminado: Edge
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Discord Inc. -> Discord Inc.) C:\Users\CESAR AUGUSTO\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe
(GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba355e1f8cdccc52\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba355e1f8cdccc52\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a84f31b20764b965\OneApp.IGCC.WinService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a6f2bd19df3d42e0\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a6f2bd19df3d42e0\IntelCpHeciSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_a9a8972288e9f3b5\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\OneDrive\22.002.0103.0004\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\82.0.4227.50\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\opera.exe <28>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Skutta, Kristjan -> ) C:\Program Files (x86)\wallpaper_engine\bin\wallpaperservice32_c.exe
(Skutta, Kristjan -> ) C:\Program Files (x86)\wallpaper_engine\wallpaper32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSysSvc64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1093872 2020-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe [1464728 2019-01-31] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [221992 2020-12-09] (Autodesk, Inc. -> Autodesk)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2020-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-10] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2109824 2021-12-20] (Famatech Corp. -> Famatech Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Discord] => C:\Users\CESAR AUGUSTO\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [MicrosoftEdgeAutoLaunch_B6F392562D1EC895C9A9054596D11568] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Print\Monitors\EPSON L575 Series 64MonitorBE: C:\Windows\system32\E_YLMBMTE.DLL [180224 2014-03-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-26] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0A241CEB-410F-47D2-9B9D-A244AED8993D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0DAA99BE-B328-4A05-AD87-74D0FFB106A0} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615899705 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {1349AF54-8542-482E-8DF6-1468CE1A9F7A} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211136 2019-01-09] (Acer Incorporated -> Acer Incorporated)
Task: {13F8992E-0787-421E-8F51-A5963FB3F490} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-23] (Google LLC -> Google LLC)
Task: {198EC9DC-1712-4207-A390-C83D67CED7C5} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
Task: {1DCA5B2B-01DA-43E7-8C97-5981269B93EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F77793D-AA50-4F10-B9A8-A914B7ACC60F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {22109985-6699-4588-A002-69CC77337C26} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {22556C22-BD91-4776-89D2-388D85253577} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-23] (Google LLC -> Google LLC)
Task: {249BF8D8-C803-4EBE-B814-D83184833351} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268096 2019-01-09] (Acer Incorporated -> Acer Incorporated)
Task: {25752A4F-8265-49BA-AB7A-A0B95B3921F7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {26765FE8-1C67-4D8E-A4F9-1D0C9A8AA4CB} - System32\Tasks\Opera GX scheduled Autoupdate 1608758439 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software)
Task: {26BDF35B-FFAF-4F10-950E-E05C6C46744F} - System32\Tasks\Opera scheduled assistant Autoupdate 1624259789 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {2848D67B-B468-42C9-8F9A-2764624705E5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {3995513C-F385-4C33-B6A1-767D11F62D71} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {3C86CD53-AE7E-45AC-9569-31E277B3A2B5} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {45635272-3F1F-4306-9ABF-BF1E5305B323} - System32\Tasks\GoTrust ID Driver => C:\Program Files\GoTrust ID Plugin\Resource\GO-Trust_ID_Driver.exe [63488 2019-08-02] (GoTrustID Inc. -> )
Task: {4C8B1A94-7BD1-42C8-AEC5-F56EB8D944F9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4FC6407D-F6EC-4C72-8D37-F60EDB6F2AB5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5668B6C4-BD04-44A3-9E78-D99339F18A84} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5F649278-A052-42CE-A2C6-96BE4C73E512} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {5F8B70F6-3B6E-465B-888E-63FD75193946} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2962984 2020-07-27] (Acer Incorporated -> )
Task: {5FA511A7-2184-42B8-94C7-7A72677FE001} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7148287A-5EAE-418F-9830-1596AEB4A588} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7615CD46-3B45-44EA-A2C4-0138C6CFE988} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2019-07-18] (Acer Incorporated -> Acer Incorporated)
Task: {764BEBE5-FEEF-4E79-878B-738996D37990} - System32\Tasks\Opera scheduled assistant Autoupdate 1624391081 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {8D21E0E2-D11C-4E6F-86D7-BE5D98E2A98E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {97FC14C4-98D0-4D97-844C-0AF0D670AE5C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2022-01-19] (Avast Software s.r.o. -> Avast Software)
Task: {9A383A7F-8E4D-4115-9ADC-5084E1D5ABCF} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [42024 2020-07-27] (Acer Incorporated -> )
Task: {9D416725-2AC0-435F-9603-28FF7671286C} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [601904 2019-07-19] (Acer Incorporated -> Acer Incorporated)
Task: {9DDA5E13-467B-4B04-8B3C-F125E2A7559B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F9ED5F0-31B2-491E-882E-9AA16815C330} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4829224 2020-07-27] (Acer Incorporated -> )
Task: {A005E184-334C-4814-9B1D-C84DE454E937} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {BAC2E6E7-89A9-4640-A8D5-C51499FA08D2} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {C01A2ECD-FB7B-4C94-AAF3-06B4EE97383A} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {D6796CB2-1B5B-484D-B09D-BF244EB3152A} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4191328 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC0A48B6-18A0-40EA-B870-11007E5437C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2C2598A-3DF4-4736-B357-A1F80347D000} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {E2F96AEF-C57E-4968-BBE5-7B737E3D0B2E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E574E134-AE74-4BC7-A397-11AD60F14E7D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FF4878B0-2DB8-47F7-B52A-1C4427715D33} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => Ningún archivo 
Tcpip\Parameters: [DhcpNameServer] 190.157.8.100 190.157.8.101
Tcpip\..\Interfaces\{e0d22745-d32f-4482-84fc-3856f54941cb}: [DhcpNameServer] 190.157.8.100 190.157.8.101

Edge: 
=======
Edge Profile: C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-28]
Edge Extension: (T-Сashback — кэшбэк-сервис) - C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odbmjgikedenicicookngdckhkjbebpd [2022-01-28]
Edge HKLM-x32\...\Edge\Extension: [odbmjgikedenicicookngdckhkjbebpd]

FireFox:
========
FF DefaultProfile: lc7ad3c0.default
FF ProfilePath: C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\lc7ad3c0.default [2022-01-27]
FF ProfilePath: C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\m2lglfcg.default-release [2022-01-27]
FF Extension: (Español (España) Language Pack) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\m2lglfcg.default-release\Extensions\[email protected] [2020-11-30]
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-27]
CHR HomePage: System Profile -> hxxps://www.google.com/
CHR StartupUrls: System Profile -> "hxxps://www.google.com/"
CHR Extension: (YoutubeDownloader) - C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-01-19] [UpdateUrl:hxxps://clients75.google.com/service/update2/crx] <==== ATENCIÓN
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

Opera: 
=======
OPR Profile: C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable [2022-01-27]
OPR DefaultSearchKeyword: Opera Stable -> find-it.pro
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-21]
OPR Extension: (YoutubeDownloader) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\pdfbhfjldacbdamjhomkgomeialekbng [2022-01-19]
StartMenuInternet: (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001) Opera GXStable - "C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300584 2020-07-27] (Acer Incorporated -> Acer Incorporated)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-10] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2020-11-17] (Autodesk, Inc. -> Autodesk)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1720088 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2021-02-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2022-01-17] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-12] (Epic Games Inc. -> Epic Games, Inc.)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [17301280 2022-01-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [17408 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [246272 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [820016 2019-07-19] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-09-10] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated -> Acer Incorporated)
R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1058688 2021-12-20] (Famatech Corp. -> Famatech Corp.)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [528160 2022-01-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14676264 2021-06-11] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2019-01-10] (Acer Incorporated -> Acer Incorporated)
R2 Wallpaper Engine Service; C:\Program Files (x86)\wallpaper_engine\bin\wallpaperservice32_c.exe [127648 2021-06-18] (Skutta, Kristjan -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2022-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2021-03-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2021-03-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [76744 2022-01-28] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-03] (Realtek Semiconductor Corp. -> Realtek)
R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2021-04-30] (Famatech Corp. -> Famatech Corp.)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [232792 2021-09-05] (Valve Corp. -> Valve Corporation)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-01-28 19:51 - 2022-01-28 19:51 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-01-28 18:57 - 2022-01-28 18:57 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-28 18:57 - 2022-01-28 18:57 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-28 18:57 - 2022-01-28 18:57 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-28 18:56 - 2022-01-28 18:56 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2022-01-28 18:56 - 2022-01-28 18:56 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-01-28 18:56 - 2022-01-28 18:56 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-01-28 18:56 - 2022-01-28 18:56 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-01-28 18:56 - 2022-01-28 18:56 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-01-28 18:56 - 2022-01-28 18:56 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-01-28 18:49 - 2022-01-28 18:49 - 000000000 ___HD C:\$WinREAgent
2022-01-28 18:38 - 2022-01-28 18:38 - 000001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-01-28 18:38 - 2022-01-28 18:38 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-01-28 14:44 - 2022-01-28 14:44 - 007333288 _____ (Tweaking.com) C:\Users\CESAR AUGUSTO\Downloads\tweaking.com_registry_backup_setup.exe
2022-01-28 14:44 - 2022-01-28 14:44 - 000019887 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2022-01-28 14:44 - 2022-01-28 14:44 - 000002316 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2022-01-28 14:44 - 2022-01-28 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2022-01-28 14:44 - 2022-01-28 14:44 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2022-01-28 11:16 - 2022-01-28 11:16 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-LAPTOP-PKMCITN5-Windows-10-Home-(64-bit).dat
2022-01-28 11:16 - 2022-01-28 11:16 - 000000000 ____D C:\RegBackup
2022-01-28 11:15 - 2022-01-28 11:15 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-01-28 11:09 - 2022-01-28 11:10 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\Tweaking.com - Windows Repair
2022-01-28 03:20 - 2022-01-28 03:20 - 021882800 _____ (Intel Corporation) C:\Users\CESAR AUGUSTO\Downloads\setuprst.exe
2022-01-28 02:20 - 2022-01-28 10:23 - 000000000 ____D C:\Users\CESAR AUGUSTO\Doctor Web
2022-01-28 02:19 - 2022-01-28 02:19 - 265026960 ____N C:\Users\CESAR AUGUSTO\Downloads\gw4oto4a.exe
2022-01-27 23:29 - 2022-01-28 19:53 - 000076744 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2022-01-27 21:49 - 2022-01-27 21:49 - 000000112 ___SH C:\bootTel.dat
2022-01-27 15:38 - 2022-01-27 23:20 - 000000000 ____D C:\Program Files\Argente - Registry Cleaner
2022-01-27 15:38 - 2022-01-27 21:54 - 000000988 _____ C:\Users\Public\Desktop\Argente - Registry Cleaner.lnk
2022-01-27 15:38 - 2022-01-27 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Argente - Registry Cleaner
2022-01-27 15:14 - 2022-01-27 15:14 - 000023689 _____ C:\Users\CESAR AUGUSTO\Downloads\Calculos laboratorio péndulo.xlsx
2022-01-26 14:35 - 2022-01-26 14:35 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\mbam
2022-01-26 14:20 - 2022-01-26 14:25 - 000000000 ____D C:\AdwCleaner
2022-01-24 21:27 - 2022-01-28 19:53 - 023855104 _____ C:\WINDOWS\system32\config\SYSTEM
2022-01-24 17:51 - 2022-01-28 20:04 - 000000000 ____D C:\FRST
2022-01-20 21:10 - 2022-01-20 21:10 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Straight Back Games
2022-01-20 20:09 - 2022-01-27 13:04 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\sh5ldr
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2022-01-20 20:08 - 2022-01-20 20:08 - 000000000 ____D C:\Program Files\EnigmaSoft
2022-01-20 01:55 - 2022-01-20 01:55 - 000000000 ___HD C:\$SysReset
2022-01-20 00:12 - 2022-01-20 00:36 - 000000000 ____D C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Documents\Descargas
2022-01-20 00:09 - 2022-01-20 00:11 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\Descargas
2022-01-19 23:39 - 2022-01-19 23:39 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Intel
2022-01-19 23:25 - 2022-01-28 03:26 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2022-01-19 23:25 - 2022-01-19 23:25 - 000000000 ____D C:\Program Files\Common Files\Intel
2022-01-19 23:23 - 2022-01-19 23:23 - 000000000 ____D C:\Users\CESAR AUGUSTO\Intel
2022-01-19 23:14 - 2022-01-22 00:30 - 000003030 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2022-01-19 23:14 - 2022-01-22 00:30 - 000002738 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2022-01-19 23:14 - 2022-01-22 00:30 - 000002664 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2022-01-19 23:14 - 2021-07-23 11:36 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2022-01-19 23:01 - 2022-01-19 23:01 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Skype
2022-01-19 23:00 - 2020-10-05 14:16 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\IRST_Intel_17.5.2.1024_W10x64
2022-01-19 22:42 - 2022-01-19 22:42 - 000000100 _____ C:\Users\CESAR AUGUSTO\Downloads\Epic Games Account Two-Factor backup codes.txt
2022-01-19 14:46 - 2022-01-19 14:46 - 000637152 _____ C:\Users\CESAR AUGUSTO\Downloads\2190211_CamScanner 11-05-2020 11.26.21.pdf
2022-01-19 14:14 - 2022-01-19 14:14 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-01-19 14:13 - 2022-01-19 14:13 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2022-01-19 14:13 - 2022-01-19 08:45 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-01-19 09:40 - 2022-01-19 09:40 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-19 08:52 - 2022-01-19 08:52 - 000000000 ___HD C:\$AV_ASW
2022-01-19 08:47 - 2022-01-24 17:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Avast Software
2022-01-19 08:46 - 2022-01-19 14:13 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-19 08:46 - 2022-01-19 08:46 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Avast Software
2022-01-19 08:46 - 2022-01-19 08:46 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-01-19 08:46 - 2022-01-19 08:45 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-01-19 08:46 - 2022-01-19 08:45 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-01-19 08:46 - 2022-01-19 08:45 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-01-19 08:45 - 2022-01-19 08:45 - 000000000 ____D C:\Program Files\Avast Software
2022-01-19 02:33 - 2022-01-19 19:36 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Green
2022-01-19 02:33 - 2022-01-19 08:48 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\UUID
2022-01-19 02:33 - 2022-01-19 02:33 - 006174399 _____ C:\Users\CESAR AUGUSTO\AppData\LocalLow\MlHPtNgvzv1.zip
2022-01-19 02:33 - 2022-01-19 02:33 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\discord_files
2022-01-19 02:32 - 2022-01-19 02:32 - 000916735 _____ (SQLite Development Team) C:\Users\CESAR AUGUSTO\AppData\LocalLow\sqlite3.dll
2022-01-19 02:07 - 2022-01-26 20:03 - 000000000 ____D C:\Program Files (x86)\Radmin VPN
2022-01-19 02:07 - 2022-01-19 02:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin VPN
2022-01-19 01:16 - 2022-01-19 01:16 - 054683722 _____ C:\Users\CESAR AUGUSTO\Downloads\0 BusquedaenScopus.mp4
2022-01-16 22:29 - 2022-01-16 22:29 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Landfall West
2022-01-16 20:31 - 2022-01-16 19:41 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\NUEVOS MODS
2022-01-16 19:41 - 2022-01-16 20:09 - 037209024 _____ C:\Users\CESAR AUGUSTO\Downloads\NUEVOS MODS.rar
2022-01-16 18:13 - 2022-01-16 18:17 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\Stardew Valley v1.5.4 - LBvinicius02
2022-01-16 17:04 - 2022-01-17 12:35 - 000000000 ____D C:\Program Files\7-Zip
2022-01-16 17:04 - 2022-01-16 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-01-16 17:01 - 2022-01-16 17:26 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\SILLYAUTHORITYSoft
2022-01-15 17:01 - 2022-01-15 17:01 - 000000000 ____D C:\WINDOWS\Panther
2022-01-14 23:22 - 2022-01-14 23:22 - 000002060 _____ C:\Users\Public\Desktop\TLauncher.lnk
2022-01-14 23:22 - 2022-01-11 07:25 - 000710776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-01-14 23:21 - 2022-01-16 20:40 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\.minecraft
2022-01-14 23:21 - 2022-01-16 20:16 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\.tlauncher
2022-01-14 23:21 - 2022-01-14 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2022-01-14 23:21 - 2022-01-11 07:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001467872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001206400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 001529512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 001179096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 000797096 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 000710824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-01-14 23:21 - 2022-01-11 07:25 - 000637864 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 002119792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 001601144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 000983208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 000455792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-01-14 23:21 - 2022-01-11 07:23 - 008609920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-01-14 23:21 - 2022-01-11 07:23 - 005734568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-01-14 23:21 - 2022-01-11 07:23 - 002934696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-01-14 23:21 - 2022-01-11 07:22 - 000850088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-01-14 23:21 - 2022-01-10 18:54 - 000089178 _____ C:\WINDOWS\system32\nvinfo.pb
2022-01-10 23:30 - 2022-01-10 23:30 - 000207030 _____ C:\Users\CESAR AUGUSTO\Downloads\11__Fisica_Semana_2_Periodo_2.pdf
2022-01-08 19:51 - 2022-01-08 19:51 - 042684853 _____ C:\Users\CESAR AUGUSTO\Downloads\MAX BURGER MENÚ.pdf
2022-01-06 13:22 - 2022-01-06 13:22 - 000499120 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2022-01-06 13:22 - 2022-01-06 13:22 - 000431920 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000943464 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000704288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000589184 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000455616 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000448392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000373696 _____ C:\WINDOWS\system32\ze_loader.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000142272 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2022-01-06 13:20 - 2022-01-06 13:20 - 027888024 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2022-01-06 13:20 - 2022-01-06 13:20 - 020630424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2022-01-06 13:19 - 2022-01-06 13:19 - 000356824 _____ C:\WINDOWS\system32\ControlLib.dll

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-01-28 19:58 - 2021-03-31 12:14 - 001761304 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-28 19:58 - 2020-12-04 08:26 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-28 19:58 - 2019-12-07 10:03 - 000770064 _____ C:\WINDOWS\system32\perfh00A.dat
2022-01-28 19:58 - 2019-12-07 10:03 - 000148566 _____ C:\WINDOWS\system32\perfc00A.dat
2022-01-28 19:58 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-28 19:56 - 2021-09-30 18:15 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\discord
2022-01-28 19:55 - 2021-06-11 16:00 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Discord
2022-01-28 19:55 - 2020-12-01 07:19 - 000000000 ___RD C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER
2022-01-28 19:55 - 2020-11-29 23:31 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-28 19:54 - 2020-11-30 07:02 - 000000000 __SHD C:\Users\CESAR AUGUSTO\IntelGraphicsProfiles
2022-01-28 19:54 - 2020-09-11 01:06 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-28 19:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-28 19:53 - 2021-06-22 15:03 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-28 19:53 - 2021-03-31 12:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-28 19:53 - 2021-03-31 12:06 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-28 19:53 - 2021-03-13 11:00 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-28 19:53 - 2020-09-11 00:30 - 000000000 ___HD C:\Intel
2022-01-28 19:53 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-28 19:53 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-28 19:53 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-28 19:52 - 2021-03-31 12:06 - 000534416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-28 19:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\es-MX
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-01-28 19:51 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-28 19:50 - 2021-04-25 23:31 - 000003314 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72650cda261e2
2022-01-28 19:50 - 2021-03-31 12:12 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-28 19:50 - 2021-03-31 12:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-28 19:50 - 2020-12-02 07:31 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-28 19:00 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-28 18:43 - 2019-12-07 10:05 - 000000000 ____D C:\WINDOWS\OCR
2022-01-28 18:42 - 2020-12-04 08:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-01-28 18:41 - 2020-12-04 08:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-28 18:38 - 2020-12-04 08:21 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-28 18:36 - 2021-06-05 16:56 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\obs-studio
2022-01-28 15:05 - 2021-03-31 12:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-28 15:05 - 2020-11-29 23:39 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\D3DSCache
2022-01-28 15:03 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-28 12:20 - 2021-03-31 12:07 - 000000000 ____D C:\Users\CESAR AUGUSTO
2022-01-28 03:34 - 2020-11-30 19:02 - 000000000 ____D C:\ProgramData\Autodesk
2022-01-27 23:28 - 2021-10-06 03:58 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Temp
2022-01-27 15:44 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-26 14:53 - 2021-06-21 18:37 - 000000000 ____D C:\Program Files\Stellar Data Recovery
2022-01-26 14:53 - 2021-06-21 11:17 - 000000000 ____D C:\Program Files (x86)\Company
2022-01-26 14:25 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-01-26 14:09 - 2020-12-23 18:35 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-26 14:05 - 2021-06-21 11:21 - 021233664 _____ C:\WINDOWS\system32\C_32770.NLS
2022-01-24 17:02 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 00:31 - 2020-11-30 12:55 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\CrashDumps
2022-01-22 00:30 - 2021-12-11 11:00 - 000003126 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2694221440-3033398545-1844018541-1001
2022-01-22 00:30 - 2021-06-27 17:45 - 000002234 _____ C:\WINDOWS\system32\Tasks\NitroSense
2022-01-22 00:30 - 2021-06-24 12:24 - 000002650 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-01-22 00:30 - 2021-06-22 14:44 - 000003982 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1624391081
2022-01-22 00:30 - 2021-06-21 02:16 - 000003982 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1624259789
2022-01-22 00:30 - 2021-04-06 09:39 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2694221440-3033398545-1844018541-1001
2022-01-22 00:30 - 2021-04-06 09:10 - 000003438 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{60644F42-85B0-4A4F-A239-78B3764B8658}
2022-01-22 00:30 - 2021-03-31 12:12 - 000004362 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2022-01-22 00:30 - 2021-03-31 12:12 - 000003910 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled assistant Autoupdate 1615899705
2022-01-22 00:30 - 2021-03-31 12:12 - 000003642 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1608758439
2022-01-22 00:30 - 2021-03-31 12:12 - 000003546 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-22 00:30 - 2021-03-31 12:12 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-22 00:30 - 2021-03-31 12:12 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003322 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-22 00:30 - 2021-03-31 12:12 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:27 - 2021-04-06 09:39 - 000002456 _____ C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-21 00:41 - 2020-11-30 07:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Packages
2022-01-20 22:31 - 2021-09-07 13:05 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Ubisoft Game Launcher
2022-01-20 21:28 - 2020-11-29 23:36 - 000000000 ____D C:\Program Files (x86)\Epic Games
2022-01-20 20:59 - 2020-09-11 00:37 - 000000000 ____D C:\Program Files (x86)\Intel
2022-01-20 20:59 - 2020-09-11 00:35 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-20 19:01 - 2020-12-29 12:26 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-01-19 23:41 - 2020-09-11 00:35 - 000000000 ____D C:\Program Files\Intel
2022-01-19 23:39 - 2020-09-11 00:36 - 000000000 ____D C:\ProgramData\Intel
2022-01-19 23:14 - 2020-11-30 07:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Intel
2022-01-19 14:49 - 2019-11-06 02:46 - 000000000 ___HD C:\OEM
2022-01-19 13:34 - 2021-07-01 22:14 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Telegram Desktop
2022-01-19 09:40 - 2020-11-30 14:50 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom
2022-01-19 08:21 - 2020-12-24 18:53 - 000192736 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-01-19 08:21 - 2020-12-24 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-01-19 08:21 - 2020-12-24 18:53 - 000000000 ____D C:\Program Files\Java
2022-01-19 03:12 - 2020-11-30 13:03 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\StardewValley
2022-01-19 02:34 - 2019-03-18 23:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-01-17 16:20 - 2020-12-05 19:10 - 000000000 ____D C:\Program Files\Epic Games
2022-01-16 21:58 - 2021-09-07 13:05 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2022-01-16 21:58 - 2021-09-07 13:05 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2022-01-16 18:15 - 2021-06-26 10:55 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2022-01-16 18:15 - 2020-11-30 13:00 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2022-01-15 17:10 - 2020-12-01 00:08 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-14 23:31 - 2020-12-24 19:06 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\NVIDIA
2022-01-13 22:37 - 2020-11-30 16:32 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Adobe
2022-01-12 15:44 - 2021-11-26 14:56 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-11 07:24 - 2020-12-04 08:34 - 000792688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-01-11 07:23 - 2021-09-30 11:30 - 007713392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-01-11 07:23 - 2021-09-30 11:30 - 005099176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-01-11 07:21 - 2021-09-30 11:30 - 006455824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-01-11 07:21 - 2020-12-04 08:34 - 007610232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-01-02 00:28 - 2021-07-06 14:42 - 000001451 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-29 11:40 - 2021-11-30 22:15 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Unity

==================== Archivos en la raíz de algunos directorios ========

2021-06-21 11:20 - 2021-06-21 11:20 - 000000558 _____ () C:\Users\CESAR AUGUSTO\AppData\Local\bowsakkdestx.txt
2021-07-17 13:04 - 2021-07-17 13:04 - 000007603 _____ () C:\Users\CESAR AUGUSTO\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Hola nuevamente

Al referirme del reporte de FRST me refería a fixlog.txt no el de frst.txt. Una disculpa por no especificar

Para el reporte de ser muy largo puedes probar adjuntarlo como mencione anteriormente. Imagen gif de ejemplo:

Aunque si prefieres pegarlo en partes no vería mayor problema.

Ya con este podría ver si queda algo de la infección original.

Saludos

Hola nuevamente

Vale, vale, entonces el reporte de fixlog.txt lo subí a mediafire y el link es este (no me dejó subirlo directamente por el peso) : Fixlog Tambien cabe aclarar que el anuncio me sigue apareciendo.

Buenas,

Si Avast sigue generando alertas revisa el siguiente enlace:

Y genera un informe de los escudos. No debería haber necesidad de tener que hacer un escaneo, solo con esperar a que salte la alerta. Pero igual puedes hacerlo.

Respecto al problema de inicio del administrador de tareas ¿Sigue en blanco?

Por favor, toma una captura de persistir el problema. Puedes usar la tecla de capturar o la herramienta de recortes de windows (en la búsqueda de Windows te sale al escribir recortes).

Nos comentas.

Saludos

2 Me gusta

Hola nueavamente,

El administrador sigue en blanco, y se ve de esta forma

Con respecto al informe de avast, no estoy seguro si el que necesitas es ese, es que había varíos, pero el unico que traer la alerta es este: WebShield.txt (11,0 KB)

Hola nuevamente

Realiza lo siguiente:

:one: Deshabilita nuevamente tu antivirus: ¿Cómo deshabilitar temporalmente su Antivirus?

:two: En el equipo, con los demás programas cerrados abra el notepad; puede abrirlo en la barra de búsqueda de Windows y escribiendo notepad.exe

Posteriormente, copie y pegue este script de reparación dentro del Notepad comenzando en Start y terminando en End:

Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

OPR DefaultSearchKeyword: Opera Stable -> find-it.pro
Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => Ningún archivo 

CMD: cd C:\Users\CESAR AUGUSTO\AppData\Roaming  & dir /a
CMD: cd C:\Users\CESAR AUGUSTO\AppData\LocalLow & dir /a
CMD: cd C:\Users\CESAR AUGUSTO\AppData\Local &dir /a
CMD: cd C:\ProgramData & dir  /a
CMD: cd C:\Program Files (x86) & dir /a
CMD: cd C:\Program Files (x86)\Common Files & dir /a
CMD: cd C:\Program Files & dir /a
CMD: cd C:\Program Files\Common Files & dir /a

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers 
CMD: netsh winsock reset
CMD: netsh int ip reset all
CMD: netsh int ipv6 reset all
EmptyTemp:
End
  • Vaya a Archivo y selecciona Guardar Como.
  • En la parte de Codificación elija Unicode o UTF8 según le de la opción.
  • Guárdelo bajo el nombre de fixlist.txt en el escritorio al igual que FRST. Esto es muy importante.

¡:warning:ATENCIÓN! El anterior Script de reparación fue hecho específicamente por un miembro del Staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

  • Ejecute Frst.exe. y presione el botón Fix / Corregir
  • Espere pacientemente a que termine y no use el equipo. Al terminar el equipo podría reiniciarse
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).

:three: Comprueba si el problema persiste respecto a los navegadores, en caso de persistir restablece los navegadores con los que se presente el problema. Dejo algunos enlaces con información para esto:

Nos traerías el reporte generado comentandonos como te fue.

Saludos

1 me gusta

Hola de nuevo,

El reporte Fixlog.txt: Fixlog.txt (32,6 KB)

Y con respecto al anuncio, me siguió apareciendo, sin embargo, una vez restablecí el navegador, dejó de aparecer el anuncio. Con respecto a las aplicaciones de inicio, sigue en blanco.

Hola nuevamente,

Respecto a lo referente al mensaje emergente me parece bien. Respecto a lo de las tareas de inicio en blanco tengo la siguiente duda. ¿El problema comenzó antes o después de haber instalado tu antivirus?

Antes de pasar a eso vamos a hacer unos últimos pasos, con los cuales ya debería estar todo en orden:

:one: Deshabilita nuevamente tu antivirus: ¿Cómo deshabilitar temporalmente su Antivirus?

:two: En el equipo, con los demás programas cerrados abra el notepad; puede abrirlo en la barra de búsqueda de Windows y escribiendo notepad.exe

Posteriormente, copie y pegue este script de reparación dentro del Notepad comenzando en Start y terminando en End:

Start
SystemRestore: On
CreateRestorePoint:

C:\Users\CESAR AUGUSTO\AppData\Local\51777c01-48aa-4ec0-bab4-ac5ee5b96599
C:\ProgramData\6070
C:\ProgramData\6679
C:\ProgramData\97400.97400
C:\ProgramData\{562A834E-6BA5-2C57-9496-F20151C20CF1}

End
  • Vaya a Archivo y selecciona Guardar Como.
  • En la parte de Codificación elija Unicode o UTF8 según le de la opción.
  • Guárdelo bajo el nombre de fixlist.txt en el escritorio al igual que FRST. Esto es muy importante.

¡:warning:ATENCIÓN! El anterior Script de reparación fue hecho específicamente por un miembro del Staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

  • Ejecute Frst.exe. y presione el botón Fix / Corregir
  • Espere pacientemente a que termine y no use el equipo.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).

Nos traerías el reporte generado. Junto con mi duda y cualquier comentario respecto a algún cambio que notes

Saludos

Los problemas los tengo desde antes de instalar el anitvirus. Y el reporte de Fixlog.txt:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 26-01-2022
Ejecutado por CESAR AUGUSTO (30-01-2022 01:23:42) Run:5
Ejecutado desde C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop
Perfiles cargados: CESAR AUGUSTO
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
SystemRestore: On
CreateRestorePoint:

C:\Users\CESAR AUGUSTO\AppData\Local\51777c01-48aa-4ec0-bab4-ac5ee5b96599
C:\ProgramData\6070
C:\ProgramData\6679
C:\ProgramData\97400.97400
C:\ProgramData\{562A834E-6BA5-2C57-9496-F20151C20CF1}

End
*****************

SystemRestore: On => completado
El punto de restauración fue creado correctamente.
"C:\Users\CESAR AUGUSTO\AppData\Local\51777c01-48aa-4ec0-bab4-ac5ee5b96599" => movido correctamente
"C:\ProgramData\6070" => movido correctamente
"C:\ProgramData\6679" => movido correctamente
"C:\ProgramData\97400.97400" => movido correctamente
"C:\ProgramData\{562A834E-6BA5-2C57-9496-F20151C20CF1}" => movido correctamente

==== Final de Fixlog 01:23:52 ====

Hola nuevamente,

Intenta iniciar en modo seguro para ver si el problema se presenta igualmente: Iniciar el PC en modo seguro

De igual forma revisa si puedes acceder con algún otro programa a elementos de inicio. Puedes probar con Glary Utilities (o algún otro programa de tu elección):

El administrador esta en la parte inferior izquierda con el siguiente icono: imagen
O lo puedes acceder en: Herramientas avanzadasOptimizar y mejorarAdministrador de inicio

Nos comentas.

Saludos