Avast me muestra un cuadro de "amenaza resuelta" HTML:Script-inf¨(Susp) cada vez que ingreso al navegador

Buen día comunidad. Soy nuevo en este foro. Luego de buscar por muchas horas alguna solución para mi problema, me veo obligado a postear esto acá y buscar ayuda.

Terminé descargando un virus de alguna forma a mi pc por descuidado, sé que una persona logró acceder a mis datos personales y quiero saber si me pueden ayudar a sacarla de mi sistema, me descargué distintos antivirus y en Avast cada que abro mi navegador me sale un anuncio. El mensaje que muestra es el siguiente:

Hemos anulador de forma segura la conexión de 52.12.52.49 porque estaba infectada por HTML:Script-inf¨(Susp)

Nombre de amaneza: HTML:Script-inf¨(Susp)

URL: http://52.12.52.49/mnr3237/m.html?r=40708

Proceso: **C:\Users\CESAR AGUSTO\Appdata\Local\Prograns\Opera GX\opera.exe

Detectado por: Escudo web

Estado: Conexión anulada

Quisiera saber como dejar de ver ese mensaje, voy a formatear el computador de igual forma, sin embargo, he visto casos donde el hacker sigue en el sistema aun despues de eso.

Mi SO es Windows 10 x64. Espero me puedan ayudar.

Hola @cesangal15 y bienvenido al foro

Te dejo algunos temas de interés y utilidad:

Revisa el siguiente enlace:

Realiza los pasos de Malwarebytes y AdwCleaner. Puedes omitir los referentes a los navegadores.

Nos traerías los reportes de los programas. Te dejo enlaces a la sección de los manuales para poder obtener los respectivos reportes después del escaneo:

Esperamos los reportes. Cualquier duda nos comentas.

Saludos

1 me gusta

Este es el informe de malwarebytes

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 26/1/22
Hora del análisis: 14:36
Archivo de registro: 3bf24022-7edf-11ec-bdaf-089798bb374f.json

-Información del software-
Versión: 4.5.2.157
Versión de los componentes: 1.0.1562
Versión del paquete de actualización: 1.0.50325
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 19042.1052)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-PKMCITN5\CESAR AUGUSTO

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 487503
Amenazas detectadas: 164
Amenazas en cuarentena: 161
Tiempo transcurrido: 16 min, 54 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 14
PUP.Optional.Reimage, HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Fixer - Windows Problem Relief., En cuarentena, 385, 709541, 1.0.50325, , ame, , , 
Spyware.PasswordStealer.E, HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\BowwSoftwar, En cuarentena, 3793, 947581, 1.0.50325, , ame, , , 
Spyware.PasswordStealer, HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\ffdroider, En cuarentena, 537, 954910, 1.0.50325, , ame, , , 
Trojan.Dropper, HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\iwwggaa2, En cuarentena, 548, 954912, 1.0.50325, , ame, , , 
Trojan.Dropper, HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\LandAppInstall, En cuarentena, 548, 964938, 1.0.50325, , ame, , , 
Trojan.Glupteba.E, HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\MICROSOFT\e7b5ba67, En cuarentena, 497, 821174, 1.0.50325, , ame, , , 
Trojan.Downloader.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PowerControl LG, En cuarentena, 2821, 982508, , , , , , 
Trojan.Downloader.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2E570C63-DA72-4927-9FC5-C9A6B669A971}, En cuarentena, 2821, 982508, , , , , , 
Trojan.Downloader.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{2E570C63-DA72-4927-9FC5-C9A6B669A971}, En cuarentena, 2821, 982508, , , , , , 
Trojan.Downloader.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PowerControl HR, En cuarentena, 2821, 982507, , , , , , 
Trojan.Downloader.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E81DC4DA-6E6F-4326-8FBB-BDDBFE17E2BB}, En cuarentena, 2821, 982507, , , , , , 
Trojan.Downloader.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E81DC4DA-6E6F-4326-8FBB-BDDBFE17E2BB}, En cuarentena, 2821, 982507, , , , , , 
Adware.Neoreklami.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, En cuarentena, 393, -1, 0.0.0, , action, , , 
Adware.Neoreklami.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, En cuarentena, 393, -1, 0.0.0, , action, , , 

Valor del registro: 5
Trojan.Agent, HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PRUN, En cuarentena, 495, 945897, 1.0.50325, , ame, , , 
Trojan.Agent, HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WINFLOW, En cuarentena, 495, 945899, 1.0.50325, , ame, , , 
Trojan.Glupteba.E, HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\MICROSOFT\e7b5ba67|CAMPAIGNID, En cuarentena, 497, 821174, 1.0.50325, , ame, , , 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{2BC6A62E-7386-4A4B-9990-E850111DCD60}, Error durante la eliminación, 497, 795081, 1.0.50325, , ame, , , 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{0CFC398F-2A6A-4662-9336-50815882A604}, Error durante la eliminación, 497, 795081, 1.0.50325, , ame, , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 65
Backdoor.Bifrose, C:\PROGRAM FILES (X86)\COMPANY\NEWPRODUCT, En cuarentena, 1048, 172663, 1.0.50325, , ame, , , 
PUP.Optional.FindIt, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\meejmcfbiapijdfaadackoblffmidlig, En cuarentena, 197, 595105, , , , , , 
PUP.Optional.FindIt, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sustituido, 197, 595105, , , , , , 
PUP.Optional.FindIt, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\System Profile\EXTENSIONS\meejmcfbiapijdfaadackoblffmidlig, En cuarentena, 197, 595105, 1.0.50325, , ame, , , 
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\_locales\en, En cuarentena, 197, 595106, , , , , , 
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\_locales\ru, En cuarentena, 197, 595106, , , , , , 
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\_metadata, En cuarentena, 197, 595106, , , , , , 
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\_locales, En cuarentena, 197, 595106, , , , , , 
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\icons, En cuarentena, 197, 595106, , , , , , 
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\js, En cuarentena, 197, 595106, , , , , , 
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0, En cuarentena, 197, 595106, , , , , , 
PUP.Optional.FindIt, C:\USERS\CESAR AUGUSTO\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\EXTENSIONS\MEEJMCFBIAPIJDFAADACKOBLFFMIDLIG, En cuarentena, 197, 595106, 1.0.50325, , ame, , , 
Spyware.StolenData.E, C:\ProgramData\60JJKERYYBO5BTQJMQK5NXCBT\files\Wallets\ElectronCash, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\60JJKERYYBO5BTQJMQK5NXCBT\files\Wallets\ElectrumLTC, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\60JJKERYYBO5BTQJMQK5NXCBT\files\Wallets\MultiDoge, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\60JJKERYYBO5BTQJMQK5NXCBT\files\Wallets\Electrum, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\60JJKERYYBO5BTQJMQK5NXCBT\files\Wallets\Binance, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\60JJKERYYBO5BTQJMQK5NXCBT\files\Wallets\Coinomi, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\60JJKERYYBO5BTQJMQK5NXCBT\files\Wallets\Atomic, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\60JJKERYYBO5BTQJMQK5NXCBT\files\Wallets\Exodus, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\60JJKERYYBO5BTQJMQK5NXCBT\files\Wallets\Monero, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\60JJKERYYBO5BTQJMQK5NXCBT\files\Wallets\JAXX, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\PROGRAMDATA\60JJKERYYBO5BTQJMQK5NXCBT\FILES\Wallets, En cuarentena, 971, 697276, 1.0.50325, , ame, , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\ElectronCash, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\ElectrumLTC, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MultiDoge, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\Electrum, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\Jaxx_New, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\Binance, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\Coinomi, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\Atomic, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\Exodus, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\Monero, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\JAXX, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\PROGRAMDATA\7YE8AN0UE5TZ673Y8HJVUF0KF\FILES\Wallets, En cuarentena, 971, 697276, 1.0.50325, , ame, , , 
Spyware.StolenData.E, C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M\files\Wallets\ElectronCash, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M\files\Wallets\ElectrumLTC, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M\files\Wallets\MultiDoge, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M\files\Wallets\Electrum, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M\files\Wallets\Binance, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M\files\Wallets\Coinomi, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M\files\Wallets\Atomic, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M\files\Wallets\Exodus, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M\files\Wallets\Monero, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M\files\Wallets\JAXX, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\PROGRAMDATA\9IMRLLTFAKFIPBHYSODZRSF6M\FILES\Wallets, En cuarentena, 971, 697276, 1.0.50325, , ame, , , 
Spyware.StolenData.E, C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8\files\Wallets\ElectronCash, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8\files\Wallets\ElectrumLTC, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8\files\Wallets\MultiDoge, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8\files\Wallets\Electrum, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8\files\Wallets\Binance, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8\files\Wallets\Coinomi, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8\files\Wallets\Atomic, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8\files\Wallets\Exodus, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8\files\Wallets\Monero, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8\files\Wallets\JAXX, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\PROGRAMDATA\LY96I7QIGURIWEWWNQH2788N8\FILES\Wallets, En cuarentena, 971, 697276, 1.0.50325, , ame, , , 
Adware.Neoreklami.Generic.TskLnk, C:\PROGRAMDATA\vRjWVZiFJDjxVXVB, En cuarentena, 3540, 771910, 1.0.50325, , ame, , , 
Trojan.Agent, C:\USERS\CESAR AUGUSTO\APPDATA\ROAMING\NAILEDP, En cuarentena, 495, 954908, 1.0.50325, , ame, , , 
Trojan.Dropper, C:\USERS\CESAR AUGUSTO\APPDATA\ROAMING\PROFCLEANER, En cuarentena, 548, 1016029, 1.0.50325, , ame, , , 
Adware.Neoreklami.ChrPRST, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 393, 878860, , , , , , 
Adware.Neoreklami.ChrPRST, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 393, 878860, , , , , , 

Archivo: 80
Backdoor.Bifrose, C:\Program Files (x86)\Company\NewProduct\d.INTEG.RAW, En cuarentena, 1048, 172663, , , , , 33DD13E7103C2887073DFF601335B3B0, 25E5CEDEA62AEDA42F9137CBB96B1FE63CAE6886821FF2E41240CAA6451310DA
Backdoor.Bifrose, C:\Program Files (x86)\Company\NewProduct\d.jfm, En cuarentena, 1048, 172663, , , , , 8223A36E1C380CCDF0DEDF766D4594DC, 5468883A3DAC4B44538DFA2C7ACB17EEE74D01764005AC9EC0065F466A33C250
Backdoor.Bifrose, C:\Program Files (x86)\Company\NewProduct\p, En cuarentena, 1048, 172663, , , , , A8D6B55890CD01E8EEF696FEEF9B013E, 905CB3B153AE8C53770EB22B549F347AA5278CD828042326B6815C50BE0A11C9
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\meejmcfbiapijdfaadackoblffmidlig\LOCK, En cuarentena, 197, 595105, , , , , , 
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\meejmcfbiapijdfaadackoblffmidlig\LOG, En cuarentena, 197, 595105, , , , , , 
Legit.MisusedLegit, C:\PROGRAMDATA\60\freebl3.dll, En cuarentena, 3674, 965931, 1.0.50325, , ame, , EF2834AC4EE7D6724F255BEAF527E635, A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
Legit.MisusedLegit, C:\PROGRAMDATA\66\freebl3.dll, En cuarentena, 3674, 965931, 1.0.50325, , ame, , EF2834AC4EE7D6724F255BEAF527E635, A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
Legit.MisusedLegit, C:\USERS\CESAR AUGUSTO\APPDATA\LOCALLOW\fB9oV\mozglue.dll, En cuarentena, 3674, 965519, 1.0.50325, , ame, , EAE9273F8CDCF9321C6C37C244773139, A0C6630D4012AE0311FF40F4F06911BCF1A23F7A4762CE219B8DFFA012D188CC
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\icons\icon128.png, En cuarentena, 197, 595106, , , , , DC1D7C7D3695ED5EFCA6A1AE77DE21BD, 30EF30CB1D36B61C1458C2D72FF2A7B749B32016D66B390049764C02E4C8D014
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\icons\icon16.png, En cuarentena, 197, 595106, , , , , AAB51AA38659FE483B8416E497E06750, 276A7255058B9EA836ACF9B8839120E807D63A88A7FDED8C2EEA82C6CA4CC0C1
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\icons\icon48.png, En cuarentena, 197, 595106, , , , , 9405D950576B1FEEDF43F9D385AC97BC, BE0943A4EFA53655D38B48710049027831EE420426B76435449F540414861A19
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\icons\icon64.png, En cuarentena, 197, 595106, , , , , C2811F392CB253ACFE667FED15ABFFA0, 07618600150610139BFBF3C9DC1113DBDF2A0FC184F363DA868134B578F906C7
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\js\background.js, En cuarentena, 197, 595106, , , , , 6CFF22B7CDF95806FFA35FC3B813F007, 8B5278FF63974D90E679C80087C2DF09BF7FC3E6A2FCD35521BE3132CA3FEC43
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\_locales\en\messages.json, En cuarentena, 197, 595106, , , , , ED6EDA47C3B92153E4AF93BC8F4E7DDA, 15A9580F21BFDEB529FFF6EDEEE92EEA7D33EE5CD63D19A86B161BD28242E45D
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\_locales\ru\messages.json, En cuarentena, 197, 595106, , , , , 532F335700DDFF29EA80DF00C1E4E529, C135CC37FB8A04BE491A1BE14A57697B29E51E11A4CDE15E6FC787EACBDFA47E
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\_metadata\verified_contents.json, En cuarentena, 197, 595106, , , , , A2FA39713D3874FAE67C8E0DAE074C0B, B77700DEDFAB299962B3B2FA170E47ADD904DBAD0D174BF94F62466D5B88E69F
PUP.Optional.FindIt, C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig\1.0.0.6_0\manifest.json, En cuarentena, 197, 595106, , , , , DAE52412B8426076DD99669141647137, A7DAECB547108B451E0E9B9B60A3A1533B753E9750FC56EEB954D663D8E3C413
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default\000005.ldb, En cuarentena, 971, 697276, , , , , 339E0B1BDED06BB402E47BEB87834FCF, E2D20ECB0CCCAF6974DCE9AE1333FB4265B8034E1F7D1C26F01CEA3725DC2249
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default\000256.ldb, En cuarentena, 971, 697276, , , , , 70F9CC51D5963DD8FF8BAC172EFE4DF7, A2648930E8B73AEE558250312116F7CE8A3D4844BD9B4070100D0F4130F6A4C8
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default\000258.ldb, En cuarentena, 971, 697276, , , , , 2F367F760DF5C3A484E56C243187B953, 7F8527710772B9EC179F1BB308AB7563AC8F17E6836BE941F918DE69E8DDEF03
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default\000260.ldb, En cuarentena, 971, 697276, , , , , 8B8D25DEB3A3A5A31C77A0EE07271B7B, 0C83731ED415C2FA602B0C86FF9DD8A6747BDF682670458BE25D63133CBDB581
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default\000261.log, En cuarentena, 971, 697276, , , , , EE09C1870DBA5B571239E9E3C2BEF0A7, EB7468586D088B7CA91D1F0AA4CB1FA091C388146BBEF29DF5D0A137588C3EE9
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default\000262.ldb, En cuarentena, 971, 697276, , , , , 92047F4097E4D90BEC7979008E280B91, 5ED9EE18F6C8AED667D9FCA571D9BBE07753614D2C6FBAC4030DA0766314457C
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default\CURRENT, En cuarentena, 971, 697276, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default\LOCK, En cuarentena, 971, 697276, , , , , , 
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default\LOG, En cuarentena, 971, 697276, , , , , 050B473CAB27CED91328AA5B25B993A7, 1D39727DC641A7D112D1F2F35D538780092524BED530D6DB598853768B148D0F
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default\LOG.old, En cuarentena, 971, 697276, , , , , 8B65994D8953A3147FF4E78036B37D16, 06ABB3C41553EF064CAD3F459885E61166E8DE89F53252E3E823483BE653C935
Spyware.StolenData.E, C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF\files\Wallets\MetaMask\Google Chrome\Default\MANIFEST-000001, En cuarentena, 971, 697276, , , , , D5841E3399B625BD77D7D143861574AC, AA2F8034762CE85E4082BF374750670974BD4D909D7228BA9201BCAA20A5F846
Legit.MisusedLegit, C:\USERS\CESAR AUGUSTO\APPDATA\LOCALLOW\nW6mI-7yS1k\mozglue.dll, En cuarentena, 3674, 965519, 1.0.50325, , ame, , EAE9273F8CDCF9321C6C37C244773139, A0C6630D4012AE0311FF40F4F06911BCF1A23F7A4762CE219B8DFFA012D188CC
Legit.MisusedLegit, C:\PROGRAMDATA\60\softokn3.dll, En cuarentena, 3674, 965934, 1.0.50325, , ame, , A2EE53DE9167BF0D6C019303B7CA84E5, 43536ADEF2DDCC811C28D35FA6CE3031029A2424AD393989DB36169FF2995083
Legit.MisusedLegit, C:\PROGRAMDATA\66\softokn3.dll, En cuarentena, 3674, 965934, 1.0.50325, , ame, , A2EE53DE9167BF0D6C019303B7CA84E5, 43536ADEF2DDCC811C28D35FA6CE3031029A2424AD393989DB36169FF2995083
Spyware.FickerStealer.E, C:\PROGRAMDATA\KAOSDMA.TXT, En cuarentena, 3945, 954907, 1.0.50325, , ame, , B71119E41C74731CB78D5119AD5E86FC, 4BD12395697E7FF1A2A94B326E203F70A094243080549E9B16A0E05AE38C3812
Legit.MisusedLegit, C:\USERS\CESAR AUGUSTO\APPDATA\LOCALLOW\fB9oV\freebl3.dll, En cuarentena, 3674, 965515, 1.0.50325, , ame, , 60ACD24430204AD2DC7F148B8CFE9BDC, 9876C53134DBBEC4DCCA67581F53638EBA3FEA3A15491AA3CF2526B71032DA97
Legit.MisusedLegit, C:\PROGRAMDATA\60\mozglue.dll, En cuarentena, 3674, 965932, 1.0.50325, , ame, , 8F73C08A9660691143661BF7332C3C27, 3FE6B1C54B8CF28F571E0C5D6636B4069A8AB00B4F11DD842CFEC00691D0C9CD
Legit.MisusedLegit, C:\PROGRAMDATA\60\nss3.dll, En cuarentena, 3674, 965933, 1.0.50325, , ame, , BFAC4E3C5908856BA17D41EDCD455A51, E2935B5B28550D47DC971F456D6961F20D1633B4892998750140E0EAA9AE9D78
Legit.MisusedLegit, C:\PROGRAMDATA\66\mozglue.dll, En cuarentena, 3674, 965932, 1.0.50325, , ame, , 8F73C08A9660691143661BF7332C3C27, 3FE6B1C54B8CF28F571E0C5D6636B4069A8AB00B4F11DD842CFEC00691D0C9CD
Legit.MisusedLegit, C:\USERS\CESAR AUGUSTO\APPDATA\LOCALLOW\fB9oV\nss3.dll, En cuarentena, 3674, 965520, 1.0.50325, , ame, , 02CC7B8EE30056D5912DE54F1BDFC219, 1989526553FD1E1E49B0FEA8036822CA062D3D39C4CAB4A37846173D0F1753D5
Legit.MisusedLegit, C:\PROGRAMDATA\66\nss3.dll, En cuarentena, 3674, 965933, 1.0.50325, , ame, , BFAC4E3C5908856BA17D41EDCD455A51, E2935B5B28550D47DC971F456D6961F20D1633B4892998750140E0EAA9AE9D78
Legit.MisusedLegit, C:\USERS\CESAR AUGUSTO\APPDATA\LOCALLOW\nW6mI-7yS1k\nss3.dll, En cuarentena, 3674, 965520, 1.0.50325, , ame, , 02CC7B8EE30056D5912DE54F1BDFC219, 1989526553FD1E1E49B0FEA8036822CA062D3D39C4CAB4A37846173D0F1753D5
Legit.MisusedLegit, C:\PROGRAMDATA\60\vcruntime140.dll, En cuarentena, 3674, 965935, 1.0.50325, , ame, , 7587BF9CB4147022CD5681B015183046, C40BB03199A2054DABFC7A8E01D6098E91DE7193619EFFBD0F142A7BF031C14D
Legit.MisusedLegit, C:\PROGRAMDATA\66\vcruntime140.dll, En cuarentena, 3674, 965935, 1.0.50325, , ame, , 7587BF9CB4147022CD5681B015183046, C40BB03199A2054DABFC7A8E01D6098E91DE7193619EFFBD0F142A7BF031C14D
Legit.MisusedLegit, C:\PROGRAMDATA\60\msvcp140.dll, En cuarentena, 3674, 975349, 1.0.50325, , ame, , 109F0F02FD37C84BFC7508D4227D7ED5, 334E69AC9367F708CE601A6F490FF227D6C20636DA5222F148B25831D22E13D4
Legit.MisusedLegit, C:\PROGRAMDATA\66\msvcp140.dll, En cuarentena, 3674, 975349, 1.0.50325, , ame, , 109F0F02FD37C84BFC7508D4227D7ED5, 334E69AC9367F708CE601A6F490FF227D6C20636DA5222F148B25831D22E13D4
Legit.MisusedLegit, C:\USERS\CESAR AUGUSTO\APPDATA\LOCALLOW\fB9oV\softokn3.dll, En cuarentena, 3674, 965521, 1.0.50325, , ame, , 4E8DF049F3459FA94AB6AD387F3561AC, 25A4DAE37120426AB060EBB39B7030B3E7C1093CC34B0877F223B6843B651871
Legit.MisusedLegit, C:\USERS\CESAR AUGUSTO\APPDATA\LOCALLOW\nW6mI-7yS1k\softokn3.dll, En cuarentena, 3674, 965521, 1.0.50325, , ame, , 4E8DF049F3459FA94AB6AD387F3561AC, 25A4DAE37120426AB060EBB39B7030B3E7C1093CC34B0877F223B6843B651871
Legit.MisusedLegit, C:\PROGRAMDATA\60\sqlite3.dll, En cuarentena, 3674, 965937, 1.0.50325, , ame, , E477A96C8F2B18D6B5C27BDE49C990BF, 16574F51785B0E2FC29C2C61477EB47BB39F714829999511DC8952B43AB17660
Legit.MisusedLegit, C:\PROGRAMDATA\66\sqlite3.dll, En cuarentena, 3674, 965937, 1.0.50325, , ame, , E477A96C8F2B18D6B5C27BDE49C990BF, 16574F51785B0E2FC29C2C61477EB47BB39F714829999511DC8952B43AB17660
Trojan.Agent, C:\Users\CESAR AUGUSTO\AppData\Roaming\nailedp\edspolishpp.exe, En cuarentena, 495, 954908, , , , , A11BF5F21D62A168D06B80CF4A7B72AD, 794E774752EF1D81019438FE773ADB9CD23794AD1D34EC8DF14042AF8515BF6F
Trojan.Downloader.E, C:\WINDOWS\SYSTEM32\TASKS\PowerControl LG, En cuarentena, 2821, 982508, 1.0.50325, , ame, , CDA2DA1D16A2A3FAEFD8ED823BA02C13, C03307E7C99E31B62C383C038FB532CA1E0DBF1EF73D64FF95472FF480D37AC0
Trojan.Downloader.E, C:\WINDOWS\SYSTEM32\TASKS\PowerControl HR, En cuarentena, 2821, 982507, 1.0.50325, , ame, , 46CECBB0FB02BC4A323337D78E7AADE6, 1B5092C77ABFED4A6AE70E5145A52ABE153FABB85ECE9444CA690208B122F35B
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\MSVCP140.DLL, En cuarentena, 3798, 820423, 1.0.50325, , ame, , 109F0F02FD37C84BFC7508D4227D7ED5, 334E69AC9367F708CE601A6F490FF227D6C20636DA5222F148B25831D22E13D4
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\NSS3.DLL, En cuarentena, 3798, 820421, 1.0.50325, , ame, , BFAC4E3C5908856BA17D41EDCD455A51, E2935B5B28550D47DC971F456D6961F20D1633B4892998750140E0EAA9AE9D78
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\MOZGLUE.DLL, En cuarentena, 3798, 820422, 1.0.50325, , ame, , 8F73C08A9660691143661BF7332C3C27, 3FE6B1C54B8CF28F571E0C5D6636B4069A8AB00B4F11DD842CFEC00691D0C9CD
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\VCRUNTIME140.DLL, En cuarentena, 3798, 820419, 1.0.50325, , ame, , 7587BF9CB4147022CD5681B015183046, C40BB03199A2054DABFC7A8E01D6098E91DE7193619EFFBD0F142A7BF031C14D
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\FREEBL3.DLL, En cuarentena, 3798, 820418, 1.0.50325, , ame, , EF2834AC4EE7D6724F255BEAF527E635, A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\SOFTOKN3.DLL, En cuarentena, 3798, 820420, 1.0.50325, , ame, , A2EE53DE9167BF0D6C019303B7CA84E5, 43536ADEF2DDCC811C28D35FA6CE3031029A2424AD393989DB36169FF2995083
Rootkit.Agent, C:\WINDOWS\SYSTEM32\DRIVERS\FR44C6KL6.SYS, En cuarentena, 494, 954997, 1.0.50325, , ame, , CCAB60F7E008939FE05E10275F73EEF3, C0CF73B4842071DAC991A051FA2FB247E4A1F3FF039DD48ADED8ED9B65ACC73E
PUP.Optional.Reimage, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\42QPLLLL\REIMAGEPACKAGE1956X64B[1].EXE, En cuarentena, 385, 331559, 1.0.50325, , ame, , 6AE8E3CB1003000D0063A5AAD77BE2E4, 32C33B0D27A3441C09119FEA7F730034EF1DFCCD430E6E1695F202550E732F77
Trojan.Dropper, C:\PROGRAM FILES\COMMON FILES\RJXHDPBSQE\FOLDERSHARE.EXE, En cuarentena, 548, 1014973, 1.0.50325, , ame, , E7A2F7B067BB8E44FEF25AA24B633EF8, AD355C44E250D35A70D61C5C46A21E1825EAAC8A4D99E2264D568FE277A21FA9
PUP.Optional.Reimage, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\L84HDXGG\PROTECTORPACKAGE2027X64A[1].EXE, En cuarentena, 385, 726642, 1.0.50325, , ame, , 0A21DAB75A58F818ABAE4B824087A1E8, 99EBCDEAB3F755F402BCE0D8B59A736056B64E0DB96D486466735D23EC856B86
Malware.Heuristic.1003, C:\PROGRAM FILES\STELLAR DATA RECOVERY\STELLARREPAIRFORVIDEO.EXE, En cuarentena, 1000001, 980983, 1.0.50325, 0000000000000000000003EB, dds, 01615156, 38DBB71952F1340A5BF599D7E1A8F8C7, 14523C094FA652FE9E30CA05BAA6F681571A52B3CFABC85D1540054F05F9A45B
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, 393, 878860, , , , , C9053401528B19CCC3621A8F18FDF611, 66F0A7CA28F5C83EFCDE7557AC5EB942D2BA710D93009E7FC0D25D67F43C401C
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000512.ldb, En cuarentena, 393, 878860, , , , , 0CD67C0743295870BAAB92DE95B8877B, D7E957DD45AC0AFE10A52EA52C8058C894CCAB7365F2949252D625B740C41C42
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000515.ldb, En cuarentena, 393, 878860, , , , , 674D28E609FEE37953C31E608BA35174, BE5648A3751A3ACFCC3237A2B6213EF8C26229B7DF3AA3D034C4A87DD9B06C2A
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000517.log, En cuarentena, 393, 878860, , , , , C3C9DF9547A73E3308382C04674A5078, 746163188A51ED895F98F6083B8E95E8A879F463BA16EE5CC2398D27035E9EED
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000518.ldb, En cuarentena, 393, 878860, , , , , 8150A6FEC782FE0BE9A1E6ACC1A0913E, F198D1F3F13D2D4ED85C48B0AF1BEDF02D30C1D3E0451948D52B3718AB5541F0
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000520.ldb, En cuarentena, 393, 878860, , , , , 29AA45A54232DE87FC7D5DECE1C4D66E, 0D8D177EC8EC561CF09350CC36F059FA37F8FDFA962A42563021F479EA744561
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000521.log, En cuarentena, 393, 878860, , , , , , 
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 393, 878860, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 393, 878860, , , , , , 
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 393, 878860, , , , , 154BD27E0FB12B8A12B1AF5CA06B3610, D6ED4AA8E45D2971916A41036BC838A10BD411838F84163114242F09F6C969CF
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, 393, 878860, , , , , 0DC2BD08239C0615427B2FA2538C3C1A, 5C218A8F5EF1D05492FFA0276DEC70E0A1737907ABA037A4B002268837DA5676
Adware.Neoreklami.ChrPRST, C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 393, 878860, , , , , 550ACD3A3875D6EA3B0CB6717B924246, 02352E77F6BD51FDA517984FE9B28B2CF8F3A639AE0B871004924040CB0A29FB
Adware.Neoreklami.ChrPRST, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\System Profile\Secure Preferences, Sustituido, 393, 878860, 1.0.50325, , ame, , 1D8003ABC862CE814EA6332CE2EB27F3, E994A9C23D96AADEA1947CAA2F028DB28F0FD7A96624FA9BFDA3C0CEA234E9D6
Adware.Neoreklami.ChrPRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, Error durante la eliminación, 393, -1, 0.0.0, , action, , 4FE6F1596072795582BBEB5C4EA551FD, 694509DA2DE4248AE7E19FBC6D11D6B923BD7EF40915C2EE9933AB2E6F0ABD3F
Adware.Neoreklami.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, En cuarentena, 393, -1, 0.0.0, , action, , BFAB7DF9DD0385868251E0B3E9D4C14D, 018431558B54ECC2064C7FF023D799A6E9067DE366599365BBCD6C805D695B79
PUP.Optional.ForcedNotifications, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, 298, 1005179, 1.0.50325, , ame, , E8799796F17404B244825649636AC997, 8F7A11D6A10295FB5AD9D1DEA44CCE41B5AFC5782C8DFED0AA53CA47D4C8BF83
Adware.Neoreklami.ChrPRST, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\System Profile\Secure Preferences, Sustituido, 393, 878860, 1.0.50325, , ame, , 1D8003ABC862CE814EA6332CE2EB27F3, E994A9C23D96AADEA1947CAA2F028DB28F0FD7A96624FA9BFDA3C0CEA234E9D6
Malware.Heuristic.1003, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\SYSTEMADVANCE\AZETEXZRA\UPC.EXE, En cuarentena, 1000001, 0, 1.0.50325, 0000000000000000000003EB, dds, 01615156, F1D95A2FAABC5E6EAC0A7051B5F69375, CEAA3EC2863A6A130AD31266A8C17105147FB86D7C4F50863A6BA8353C3D474E
Malware.Heuristic.1001, C:\USERS\CESAR AUGUSTO\APPDATA\LOCAL\SYSTEMADVANCE\AZETEXZRA\LIBCEF.DLL, En cuarentena, 1000001, 0, 1.0.50325, 0000000000000000000003E9, dds, 01615156, 9B0399AAD231969C99125E0A5434666A, 5368612EB213BD1FB90E7350AB29F0103EEFD173B112E2B701A46C727AF0B608

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Para en el caso del adwcleaner me votó dos informes, uno de limpieza y otro de analisis, pasaré primero el de limpieza:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-26-2022
# Duration: 00:00:02
# OS:       Windows 10 Home
# Cleaned:  48
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted       C:\Users\CESAR AUGUSTO\AppData\Local\Host App Service
Deleted       C:\Users\CESAR AUGUSTO\Desktop\Hola
Deleted       C:\Users\Default\AppData\Local\Host App Service
Deleted       C:\Users\Public\App Explorer

***** [ Files ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted       C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted       C:\Windows\Reimage.ini
Deleted       C:\Windows\System32\Tasks_Migrated\App Explorer

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Deleted       HKCU\Software\App Host Service
Deleted       HKCU\Software\Host App Service
Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted       HKCU\Software\Reimage
Deleted       HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4972598F-390F-41C6-9024-3362E1F8F654} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted       HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted       HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted       HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted       HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted       HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted       HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted       HKLM\Software\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}
Deleted       HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Reimage
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted       HKLM\Software\Reimage
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}

***** [ Chromium (and derivatives) ] *****

Deleted       __MSG_appName__ - meejmcfbiapijdfaadackoblffmidlig

***** [ Chromium URLs ] *****

Deleted       https://find-it.pro/?utm_source=distr_m
Deleted       https://find-it.pro/?utm_source=distr_m
Deleted       https://find-it.pro/?utm_source=distr_m
Deleted       https://find-it.pro/?utm_source=distr_m

***** [ Firefox (and derivatives) ] *****

Deleted       Amazon Assistant for Firefox - [email protected]

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9694 octets] - [26/01/2022 14:22:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Y este es el informe de analisis:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    01-26-2022
# Duration: 00:00:17
# OS:       Windows 10 Home
# Scanned:  32018
# Detected: 80


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki                    C:\Users\CESAR AUGUSTO\AppData\Local\Host App Service
Adware.pokki                    C:\Users\Default\AppData\Local\Host App Service
Adware.pokki                    C:\Users\Public\App Explorer
PUP.Optional.Legacy             C:\Users\CESAR AUGUSTO\Desktop\Hola
PUP.Optional.WebCompanion       C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

Adware.pokki                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Adware.pokki                    C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Adware.pokki                    C:\Windows\System32\Tasks_Migrated\App Explorer
PUP.Optional.Reimage            C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

Adware.pokki                    C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Adware.pokki                    HKCU\Software\App Host Service
Adware.pokki                    HKCU\Software\Host App Service
Adware.pokki                    HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki                    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4972598F-390F-41C6-9024-3362E1F8F654} 
Adware.pokki                    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Reimage            HKCU\Software\Reimage
PUP.Optional.Reimage            HKLM\Software\Classes\REI_AxControl.ReiEngine
PUP.Optional.Reimage            HKLM\Software\Classes\REI_AxControl.ReiEngine.1
PUP.Optional.Reimage            HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Reimage
PUP.Optional.Reimage            HKLM\Software\Reimage
PUP.Optional.ReviverSoft        HKLM\Software\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}
PUP.Optional.ReviverSoft        HKLM\Software\Wow6432Node\\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}
PUP.Optional.WebCompanion       HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

PUP.Optional.BrowserHijack      __MSG_appName__ - meejmcfbiapijdfaadackoblffmidlig

***** [ Chromium URLs ] *****

PUP.Optional.BrowserHijack      https://find-it.pro/?utm_source=distr_m
PUP.Optional.BrowserHijack      https://find-it.pro/?utm_source=distr_m
PUP.Optional.LockHomepage       https://find-it.pro/?utm_source=distr_m
PUP.Optional.LockHomepage       https://find-it.pro/?utm_source=distr_m

***** [ Firefox (and derivatives) ] *****

PUP.Optional.Assistant          Amazon Assistant for Firefox - [email protected]

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.AcerCareCenter   Folder   C:\Program Files (x86)\ACER\CARE CENTER 
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A383A7F-8E4D-4115-9ADC-5084E1D5ABCF}  
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A383A7F-8E4D-4115-9ADC-5084E1D5ABCF}  
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F9ED5F0-31B2-491E-882E-9AA16815C330}  
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent 
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication 
Preinstalled.AcerCareCenter   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AFB52E98-7597-4484-9202-58F0FD3512ED} 
Preinstalled.AcerCareCenter   Task   C:\Windows\System32\Tasks\ACCAGENT 
Preinstalled.AcerCareCenter   Task   C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION 
Preinstalled.AcerConfigurationManager   Folder   C:\Program Files (x86)\ACER\AMUNDSEN\2.1.16258 
Preinstalled.AcerConfigurationManager   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C86CD53-AE7E-45AC-9569-31E277B3A2B5}  
Preinstalled.AcerConfigurationManager   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCMUpdateTask2.1.16258 
Preinstalled.AcerConfigurationManager   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{414D554E-4453-454E-0201-000000016258} 
Preinstalled.AcerConfigurationManager   Task   C:\Windows\System32\Tasks\ACERCMUPDATETASK2.1.16258 
Preinstalled.AcerJumpstart   Folder   C:\Program Files (x86)\ACER\ACER JUMPSTART 
Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAC2E6E7-89A9-4640-A8D5-C51499FA08D2}  
Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C01A2ECD-FB7B-4C94-AAF3-06B4EE97383A}  
Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button 
Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access 
Preinstalled.AcerQuickAccess   Task   C:\Windows\System32\Tasks\POWER BUTTON 
Preinstalled.AcerQuickAccess   Task   C:\Windows\System32\Tasks\QUICK ACCESS 
Preinstalled.AcerQuickAccessService   Folder   C:\Program Files\ACER\QUICK ACCESS SERVICE 
Preinstalled.AcerQuickAccessService   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB25551C-74EF-4BAB-9989-891517FCF9FF} 
Preinstalled.AcerUEIPFramework   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1349AF54-8542-482E-8DF6-1468CE1A9F7A}  
Preinstalled.AcerUEIPFramework   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{249BF8D8-C803-4EBE-B814-D83184833351}  
Preinstalled.AcerUEIPFramework   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UEIPInvitation 
Preinstalled.AcerUEIPFramework   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService 
Preinstalled.AcerUEIPFramework   Task   C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE 
Preinstalled.AcerUEIPFramework   Task   C:\Windows\System32\Tasks\UEIPINVITATION 
Preinstalled.AcerUpdater   Folder   C:\ProgramData\ACER\ACER UPDATER 
Preinstalled.UserExperienceImprovementProgramService   Folder   C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM SERVICE\FRAMEWORK 
Preinstalled.UserExperienceImprovementProgramService   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7} 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Espero lo haya hecho bien, quedo atento a cualquier novedad

Hola nuevamente,

Parece que ha encontrado bastantes cosas :thinking:

¿Cómo sigue el problema principal?

Para verificar que las infecciones principales se haya eliminado por completo te recomiendo que realices un escaneo personalizado.

Te dejo una guía de como se configura

Análisis Personalizado

  • Ten en cuenta que para acceder al análisis personalizado hay que presionar en Analizador y no Analizar

Nos comentarías como sigue todo y de proceder nos traerías el nuevo reporte de Malwarebytes.

Saludos

1 me gusta

Hola de nuevo,

De momento no me ha vuelto a salir el aviso, y cuando dices que ha encontrado muchas cosas, ¿Es malo o bueno? :smiling_face_with_tear: , pero bueno, este el nuevo reporte después de hacer el análisis personalizado. También agregar que muchas gracias por toda la ayuda brindada :smiley:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 26/1/22
Hora del análisis: 20:01
Archivo de registro: a49e8ef0-7f0c-11ec-bceb-089798bb374f.json

-Información del software-
Versión: 4.5.2.157
Versión de los componentes: 1.0.1562
Versión del paquete de actualización: 1.0.50330
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 19042.1052)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-PKMCITN5\CESAR AUGUSTO

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 1870133
Amenazas detectadas: 3
Amenazas en cuarentena: 3
Tiempo transcurrido: 4 hr, 26 min, 0 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 2
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{2BC6A62E-7386-4A4B-9990-E850111DCD60}, En cuarentena, 497, 795081, 1.0.50330, , ame, , , 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{0CFC398F-2A6A-4662-9336-50815882A604}, En cuarentena, 497, 795081, 1.0.50330, , ame, , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
Trojan.AdLoad, C:\USERS\CESAR AUGUSTO\ONEDRIVE - UNIVERSIDAD INDUSTRIAL DE SANTANDER\PICTURES\ADOBE FILMS\YGTKQEKAVODEKO4AL_CJNE6B.EXE, En cuarentena, 511, 1019735, 1.0.50330, 0F4512393DF58E8114B8CDD3, dds, 01615635, 9474EC5F21457F5115869242197E4A27, 35E5E8BE07078739873A18AD8B915BEE864A4B554C0822A41DAF4FDE284FBB88

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Me acabó de salir de nuevo el anuncio del Avast, supongo que lo bloqueó momentáneamente, pero bueno, terminaré formateando el pc y les comento si sigue con el problema, igualmente quedó totalmente agradecido con la atención y ayuda brindada :smiley:

Hola nuevamente,

Bueno aún tenemos más opciones para revisar si lo deseas. Digamos que lo que mande fue la opción 1 de varias.

Si quieres continuar me avisas, caso contrario nos comentas ya cualquier duda para ir cerrando el tema.

Saludos

1 me gusta

Si tienes más opciones, con gusto puedo intentarlas.

Saludos

Hola nuevamente,

Muy bien, vamos probando una herramienta más potente, realiza lo siguiente por favor:

:white_check_mark: Revisa el siguiente manual a detalle y ejecuta FRST:

  • No olvides ejecutarlo desde el escritorio.
  • Presta especial atención a las instrucciones de como pegar el reporte.

Nos traerías los reportes de FRST: Frst.txt y Adition.txt.

Saludos

NOTAS IMPORTANTES:

° Evite realizar procedimientos fuera de este tema a partir de este punto.

° NO descargue o instale mas programas mientras terminamos la desinfección.

° No vuelva a ejecutar ningún otro programa antivirus/antimalwares ni FRST hasta que vuelva con una respuesta.

1 me gusta

Hola nuevamente,

El reporte de Frst.txt es

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 26-01-2022
Ejecutado por CESAR AUGUSTO (administrador) sobre LAPTOP-PKMCITN5 (Acer Nitro AN515-54) (27-01-2022 14:38:08)
Ejecutado desde C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop
Perfiles cargados: CESAR AUGUSTO
Plataforma: Microsoft Windows 10 Home Versión 20H2 19042.1052 (X64) Idioma: Español (México)
Navegador predeterminado: Opera
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Discord Inc. -> Discord Inc.) C:\Users\CESAR AUGUSTO\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe
(GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba355e1f8cdccc52\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba355e1f8cdccc52\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a84f31b20764b965\OneApp.IGCC.WinService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a6f2bd19df3d42e0\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a6f2bd19df3d42e0\IntelCpHeciSvc.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_a9a8972288e9f3b5\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\OneDrive\22.002.0103.0004\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\82.0.4227.50\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\opera.exe <37>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Skutta, Kristjan -> ) C:\Program Files (x86)\wallpaper_engine\bin\wallpaperservice32_c.exe
(Skutta, Kristjan -> ) C:\Program Files (x86)\wallpaper_engine\wallpaper32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSysSvc64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1093872 2020-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe [1464728 2019-01-31] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [221992 2020-12-09] (Autodesk, Inc. -> Autodesk)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2020-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-10] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [haleng] => C:\Users\CESARA~1\AppData\Local\Temp\haleng.ex (Ningún archivo) <==== ATENCIÓN
HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2109824 2021-12-20] (Famatech Corp. -> Famatech Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Gaijin.Net Updater] => "C:\Users\CESAR AUGUSTO\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe" (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Discord] => C:\Users\CESAR AUGUSTO\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [btweb] => "C:\Users\CESAR AUGUSTO\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [utweb] => "C:\Users\CESAR AUGUSTO\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [asdsdagsda.exe] => C:\Users\CESARA~1\AppData\Local\Temp\1000025001\asdsdagsda.exe (Ningún archivo) <==== ATENCIÓN
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\MountPoints2: D - "D:\setup.exe" 
HKLM\...\Print\Monitors\EPSON L575 Series 64MonitorBE: C:\Windows\system32\E_YLMBMTE.DLL [180224 2014-03-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-26] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {05294B83-83D8-474D-92AF-D296176CD509} - System32\Tasks\Opera scheduled Autoupdate 1624391072 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {0A241CEB-410F-47D2-9B9D-A244AED8993D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0DAA99BE-B328-4A05-AD87-74D0FFB106A0} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615899705 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {1349AF54-8542-482E-8DF6-1468CE1A9F7A} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211136 2019-01-09] (Acer Incorporated -> Acer Incorporated)
Task: {13F8992E-0787-421E-8F51-A5963FB3F490} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-23] (Google LLC -> Google LLC)
Task: {198EC9DC-1712-4207-A390-C83D67CED7C5} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
Task: {1DCA5B2B-01DA-43E7-8C97-5981269B93EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F77793D-AA50-4F10-B9A8-A914B7ACC60F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {22109985-6699-4588-A002-69CC77337C26} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {22556C22-BD91-4776-89D2-388D85253577} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-23] (Google LLC -> Google LLC)
Task: {23B0E12B-9B0D-41D9-AF13-004D09D3E0C9} - System32\Tasks\Firefox Default Browser Agent D2BCC463C39A6988 => C:\Users\CESAR AUGUSTO\AppData\Roaming\acbtsbr.exe (Ningún archivo) <==== ATENCIÓN
Task: {249BF8D8-C803-4EBE-B814-D83184833351} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268096 2019-01-09] (Acer Incorporated -> Acer Incorporated)
Task: {25752A4F-8265-49BA-AB7A-A0B95B3921F7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {26765FE8-1C67-4D8E-A4F9-1D0C9A8AA4CB} - System32\Tasks\Opera GX scheduled Autoupdate 1608758439 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software)
Task: {26BDF35B-FFAF-4F10-950E-E05C6C46744F} - System32\Tasks\Opera scheduled assistant Autoupdate 1624259789 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {2848D67B-B468-42C9-8F9A-2764624705E5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {3995513C-F385-4C33-B6A1-767D11F62D71} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {3C86CD53-AE7E-45AC-9569-31E277B3A2B5} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {45635272-3F1F-4306-9ABF-BF1E5305B323} - System32\Tasks\GoTrust ID Driver => C:\Program Files\GoTrust ID Plugin\Resource\GO-Trust_ID_Driver.exe [63488 2019-08-02] (GoTrustID Inc. -> )
Task: {4C8B1A94-7BD1-42C8-AEC5-F56EB8D944F9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4FC6407D-F6EC-4C72-8D37-F60EDB6F2AB5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {51DD04E2-D717-456B-89AF-4556617CFE34} - System32\Tasks\NortonLifeLock Trial Agent V2 => C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NLOKTrialAgentV2.exe /scheduled (Ningún archivo)
Task: {5668B6C4-BD04-44A3-9E78-D99339F18A84} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5F649278-A052-42CE-A2C6-96BE4C73E512} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {5F8B70F6-3B6E-465B-888E-63FD75193946} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2962984 2020-07-27] (Acer Incorporated -> )
Task: {5FA511A7-2184-42B8-94C7-7A72677FE001} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {67D964CB-ABDC-4829-B9DC-1E0FAD0F797F} - System32\Tasks\MATLAB R2021b Startup Accelerator => C:\Program Files\MATLAB\R2021b\bin\win64\MATLABStartupAccelerator.exe [50176 2021-05-14] () [Archivo no firmado]
Task: {7148287A-5EAE-418F-9830-1596AEB4A588} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7615CD46-3B45-44EA-A2C4-0138C6CFE988} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2019-07-18] (Acer Incorporated -> Acer Incorporated)
Task: {764BEBE5-FEEF-4E79-878B-738996D37990} - System32\Tasks\Opera scheduled assistant Autoupdate 1624391081 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {8D21E0E2-D11C-4E6F-86D7-BE5D98E2A98E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {8EDC8909-A79B-4A8D-8F68-B84B873EF486} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Ningún archivo)
Task: {97FC14C4-98D0-4D97-844C-0AF0D670AE5C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2022-01-19] (Avast Software s.r.o. -> Avast Software)
Task: {9A383A7F-8E4D-4115-9ADC-5084E1D5ABCF} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [42024 2020-07-27] (Acer Incorporated -> )
Task: {9D416725-2AC0-435F-9603-28FF7671286C} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [601904 2019-07-19] (Acer Incorporated -> Acer Incorporated)
Task: {9DDA5E13-467B-4B04-8B3C-F125E2A7559B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F50FBB0-3A2A-4E43-9F86-CE3C82498F08} - System32\Tasks\AcerNetworkOptimizerStart => C:\Program Files (x86)\Acer\Acer Network Optimizer\AcerNetworkOptimizer.exe [1987584 2019-03-12] () [Archivo no firmado]
Task: {9F9ED5F0-31B2-491E-882E-9AA16815C330} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4829224 2020-07-27] (Acer Incorporated -> )
Task: {A005E184-334C-4814-9B1D-C84DE454E937} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {BAC2E6E7-89A9-4640-A8D5-C51499FA08D2} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {C01A2ECD-FB7B-4C94-AAF3-06B4EE97383A} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {CA2B69F0-4B5A-4707-9E03-3C1517A9EA62} - System32\Tasks\Opera scheduled Autoupdate 1624259783 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {D6796CB2-1B5B-484D-B09D-BF244EB3152A} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4191328 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC0A48B6-18A0-40EA-B870-11007E5437C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2C2598A-3DF4-4736-B357-A1F80347D000} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {E2F96AEF-C57E-4968-BBE5-7B737E3D0B2E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E574E134-AE74-4BC7-A397-11AD60F14E7D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FD430763-287C-4A6C-8B3A-EE37967C8D54} - System32\Tasks\mjlooy.exe => C:\Users\CESARA~1\AppData\Local\Temp\b4af406cd1\mjlooy.exe (Ningún archivo) <==== ATENCIÓN
Task: {FF4878B0-2DB8-47F7-B52A-1C4427715D33} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\AcerNetworkOptimizerStart.job => C:\Program Files (x86)\Acer\Acer Network Optimizer\AcerNetworkOptimizer.exe
Task: C:\WINDOWS\Tasks\MATLAB R2021b Startup Accelerator.job => C:\Program Files\MATLAB\R2021b\bin\win64\MATLABStartupAccelerator.exe C:\Program Files\MATLAB\R2021bLAPTOP-PKMCITN5\CESAR AUGUSTO.Sta

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 190.157.8.100 190.157.8.101
Tcpip\..\Interfaces\{e0d22745-d32f-4482-84fc-3856f54941cb}: [DhcpNameServer] 190.157.8.100 190.157.8.101

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge Profile: C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-19]
Edge HKLM-x32\...\Edge\Extension: [odbmjgikedenicicookngdckhkjbebpd]

FireFox:
========
FF DefaultProfile: lc7ad3c0.default
FF ProfilePath: C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\lc7ad3c0.default [2021-06-21]
FF ProfilePath: C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\m2lglfcg.default-release [2022-01-27]
FF Extension: (Español (España) Language Pack) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\m2lglfcg.default-release\Extensions\[email protected] [2020-11-30]
FF HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\CESAR AUGUSTO\AppData\Roaming\IDM\idmmzcc5 => no encontrado
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-19]
CHR HomePage: System Profile -> hxxps://www.google.com/
CHR StartupUrls: System Profile -> "hxxps://www.google.com/"
CHR Extension: (YoutubeDownloader) - C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-01-19] [UpdateUrl:hxxps://clients75.google.com/service/update2/crx] <==== ATENCIÓN
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

Opera: 
=======
OPR Profile: C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable [2021-06-22]
OPR DefaultSearchKeyword: Opera Stable -> find-it.pro
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-21]
OPR Extension: (YoutubeDownloader) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\pdfbhfjldacbdamjhomkgomeialekbng [2022-01-19]
StartMenuInternet: (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001) Opera GXStable - "C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300584 2020-07-27] (Acer Incorporated -> Acer Incorporated)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-10] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2020-11-17] (Autodesk, Inc. -> Autodesk)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1720088 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2021-02-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2022-01-17] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-12] (Epic Games Inc. -> Epic Games, Inc.)
S2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [17301280 2022-01-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [17408 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [246272 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-26] (Malwarebytes Inc -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [820016 2019-07-19] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-09-10] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated -> Acer Incorporated)
R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1058688 2021-12-20] (Famatech Corp. -> Famatech Corp.)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [528160 2022-01-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14676264 2021-06-11] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2019-01-10] (Acer Incorporated -> Acer Incorporated)
R2 Wallpaper Engine Service; C:\Program Files (x86)\wallpaper_engine\bin\wallpaperservice32_c.exe [127648 2021-06-18] (Skutta, Kristjan -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S2 FlexNet Licensing Service; "C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe" [X]
S3 GoogleChromeElevationService; "C:\Program Files\Google\Chrome\Application\97.0.4692.71\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2022-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2021-03-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2021-03-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-01-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-01-26] (Malwarebytes Inc -> Malwarebytes)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-03] (Realtek Semiconductor Corp. -> Realtek)
R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2021-04-30] (Famatech Corp. -> Famatech Corp.)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [232792 2021-09-05] (Valve Corp. -> Valve Corporation)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-01-27 14:37 - 2022-01-27 14:37 - 000030713 _____ C:\Users\CESAR AUGUSTO\Downloads\Addition.txt
2022-01-27 14:36 - 2022-01-27 14:37 - 000000156 _____ C:\Users\CESAR AUGUSTO\Downloads\FRST.txt
2022-01-26 14:35 - 2022-01-26 14:35 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\mbam
2022-01-26 14:34 - 2022-01-26 15:03 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-01-26 14:34 - 2022-01-26 15:03 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-26 14:34 - 2022-01-26 15:03 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-26 14:34 - 2022-01-26 15:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-26 14:34 - 2022-01-26 14:34 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-01-26 14:34 - 2022-01-26 14:34 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-01-26 14:33 - 2022-01-26 15:02 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-26 14:32 - 2022-01-26 14:32 - 002911928 _____ (Malwarebytes) C:\Users\CESAR AUGUSTO\Downloads\MBSetup.exe
2022-01-26 14:20 - 2022-01-26 14:25 - 000000000 ____D C:\AdwCleaner
2022-01-26 14:17 - 2022-01-26 14:17 - 008540344 _____ (Malwarebytes) C:\Users\CESAR AUGUSTO\Downloads\adwcleaner_8.3.1.exe
2022-01-24 21:27 - 2022-01-27 00:38 - 022020096 _____ C:\WINDOWS\system32\config\SYSTEM
2022-01-24 17:51 - 2022-01-27 14:38 - 000000000 ____D C:\FRST
2022-01-20 21:10 - 2022-01-20 21:10 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Straight Back Games
2022-01-20 20:09 - 2022-01-27 13:04 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\sh5ldr
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2022-01-20 20:08 - 2022-01-20 20:08 - 000000000 ____D C:\Program Files\EnigmaSoft
2022-01-20 01:55 - 2022-01-20 01:55 - 000000000 ___HD C:\$SysReset
2022-01-20 00:12 - 2022-01-20 00:36 - 000000000 ____D C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Documents\Descargas
2022-01-20 00:09 - 2022-01-20 00:11 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\Descargas
2022-01-19 23:45 - 2022-01-22 00:30 - 000003102 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2022-01-19 23:39 - 2022-01-19 23:39 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Intel
2022-01-19 23:25 - 2022-01-19 23:25 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2022-01-19 23:25 - 2022-01-19 23:25 - 000000000 ____D C:\Program Files\Common Files\Intel
2022-01-19 23:23 - 2022-01-19 23:23 - 000000000 ____D C:\Users\CESAR AUGUSTO\Intel
2022-01-19 23:14 - 2022-01-22 00:30 - 000003030 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2022-01-19 23:14 - 2022-01-22 00:30 - 000002738 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2022-01-19 23:14 - 2022-01-22 00:30 - 000002664 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2022-01-19 23:14 - 2021-07-23 11:36 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2022-01-19 23:01 - 2022-01-19 23:01 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Skype
2022-01-19 23:00 - 2020-10-05 14:16 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\IRST_Intel_17.5.2.1024_W10x64
2022-01-19 22:42 - 2022-01-19 22:42 - 000000100 _____ C:\Users\CESAR AUGUSTO\Downloads\Epic Games Account Two-Factor backup codes.txt
2022-01-19 14:46 - 2022-01-19 14:46 - 000637152 _____ C:\Users\CESAR AUGUSTO\Downloads\2190211_CamScanner 11-05-2020 11.26.21.pdf
2022-01-19 14:14 - 2022-01-19 14:14 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-01-19 14:13 - 2022-01-19 14:13 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2022-01-19 14:13 - 2022-01-19 08:45 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-01-19 09:40 - 2022-01-19 09:40 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-19 08:52 - 2022-01-19 08:52 - 000000000 ___HD C:\$AV_ASW
2022-01-19 08:47 - 2022-01-24 17:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Avast Software
2022-01-19 08:46 - 2022-01-19 14:13 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-19 08:46 - 2022-01-19 08:46 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Avast Software
2022-01-19 08:46 - 2022-01-19 08:46 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-01-19 08:46 - 2022-01-19 08:45 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-01-19 08:46 - 2022-01-19 08:45 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-01-19 08:46 - 2022-01-19 08:45 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-01-19 08:45 - 2022-01-19 08:45 - 000000000 ____D C:\Program Files\Avast Software
2022-01-19 02:34 - 2022-01-22 00:30 - 000002604 _____ C:\WINDOWS\system32\Tasks\mjlooy.exe
2022-01-19 02:34 - 2022-01-20 19:10 - 000000000 ____D C:\Program Files (x86)\ooPWmVcYoOUn
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\uRMdWzxOLxDU2
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\uakOxkYKU
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\LRejWUicAsHpC
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\DnQSPaWaTKoSTCBOKjR
2022-01-19 02:33 - 2022-01-26 14:53 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\fB9oV
2022-01-19 02:33 - 2022-01-19 19:36 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Green
2022-01-19 02:33 - 2022-01-19 08:48 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\UUID
2022-01-19 02:33 - 2022-01-19 02:33 - 006174399 _____ C:\Users\CESAR AUGUSTO\AppData\LocalLow\MlHPtNgvzv1.zip
2022-01-19 02:33 - 2022-01-19 02:33 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\mC6fU
2022-01-19 02:33 - 2022-01-19 02:33 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\discord_files
2022-01-19 02:32 - 2022-01-26 14:53 - 000000000 ____D C:\Program Files\Common Files\RJXHDPBSQE
2022-01-19 02:32 - 2022-01-19 02:32 - 000916735 _____ (SQLite Development Team) C:\Users\CESAR AUGUSTO\AppData\LocalLow\sqlite3.dll
2022-01-19 02:32 - 2022-01-19 02:32 - 000000000 ____D C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF
2022-01-19 02:07 - 2022-01-26 20:03 - 000000000 ____D C:\Program Files (x86)\Radmin VPN
2022-01-19 02:07 - 2022-01-19 02:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin VPN
2022-01-19 01:16 - 2022-01-19 01:16 - 054683722 _____ C:\Users\CESAR AUGUSTO\Downloads\0 BusquedaenScopus.mp4
2022-01-16 22:29 - 2022-01-16 22:29 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Landfall West
2022-01-16 20:31 - 2022-01-16 19:41 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\NUEVOS MODS
2022-01-16 19:41 - 2022-01-16 20:09 - 037209024 _____ C:\Users\CESAR AUGUSTO\Downloads\NUEVOS MODS.rar
2022-01-16 18:13 - 2022-01-16 18:17 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\Stardew Valley v1.5.4 - LBvinicius02
2022-01-16 17:04 - 2022-01-17 12:35 - 000000000 ____D C:\Program Files\7-Zip
2022-01-16 17:04 - 2022-01-16 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-01-16 17:01 - 2022-01-16 17:26 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\SILLYAUTHORITYSoft
2022-01-15 17:01 - 2022-01-15 17:01 - 000000000 ____D C:\WINDOWS\Panther
2022-01-14 23:30 - 2022-01-14 23:30 - 000000000 ____D C:\WINDOWS\LastGood
2022-01-14 23:22 - 2022-01-14 23:22 - 000002060 _____ C:\Users\Public\Desktop\TLauncher.lnk
2022-01-14 23:22 - 2022-01-11 07:25 - 000710776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-01-14 23:21 - 2022-01-16 20:40 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\.minecraft
2022-01-14 23:21 - 2022-01-16 20:16 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\.tlauncher
2022-01-14 23:21 - 2022-01-14 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2022-01-14 23:21 - 2022-01-11 07:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001467872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001206400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 001529512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 001179096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 000797096 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 000710824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-01-14 23:21 - 2022-01-11 07:25 - 000637864 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 002119792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 001601144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 000983208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 000455792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-01-14 23:21 - 2022-01-11 07:23 - 008609920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-01-14 23:21 - 2022-01-11 07:23 - 005734568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-01-14 23:21 - 2022-01-11 07:23 - 002934696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-01-14 23:21 - 2022-01-11 07:22 - 000850088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-01-14 23:21 - 2022-01-10 18:54 - 000089178 _____ C:\WINDOWS\system32\nvinfo.pb
2022-01-10 23:30 - 2022-01-10 23:30 - 000207030 _____ C:\Users\CESAR AUGUSTO\Downloads\11__Fisica_Semana_2_Periodo_2.pdf
2022-01-08 19:51 - 2022-01-08 19:51 - 042684853 _____ C:\Users\CESAR AUGUSTO\Downloads\MAX BURGER MENÚ.pdf
2022-01-06 13:22 - 2022-01-06 13:22 - 000499120 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2022-01-06 13:22 - 2022-01-06 13:22 - 000431920 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000943464 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000704288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000589184 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000455616 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000448392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000373696 _____ C:\WINDOWS\system32\ze_loader.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000142272 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2022-01-06 13:20 - 2022-01-06 13:20 - 027888024 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2022-01-06 13:20 - 2022-01-06 13:20 - 020630424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2022-01-06 13:19 - 2022-01-06 13:19 - 000356824 _____ C:\WINDOWS\system32\ControlLib.dll

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-01-27 14:39 - 2021-09-30 18:15 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\discord
2022-01-27 14:27 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-27 14:24 - 2021-06-11 16:00 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Discord
2022-01-27 13:56 - 2020-11-29 23:31 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-27 13:04 - 2021-03-31 12:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-27 11:18 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-27 11:17 - 2020-11-29 23:39 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\D3DSCache
2022-01-27 10:34 - 2020-11-30 19:02 - 000000000 ____D C:\ProgramData\Autodesk
2022-01-27 10:28 - 2021-03-31 12:14 - 001761368 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-27 10:28 - 2019-12-07 10:03 - 000781652 _____ C:\WINDOWS\system32\perfh00A.dat
2022-01-27 10:28 - 2019-12-07 10:03 - 000152254 _____ C:\WINDOWS\system32\perfc00A.dat
2022-01-27 10:24 - 2021-06-22 15:03 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-27 10:24 - 2021-03-31 12:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-27 10:24 - 2021-03-13 11:00 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-27 10:24 - 2020-12-01 07:19 - 000000000 ___RD C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER
2022-01-27 10:24 - 2020-11-30 07:02 - 000000000 __SHD C:\Users\CESAR AUGUSTO\IntelGraphicsProfiles
2022-01-27 10:24 - 2020-09-11 01:06 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-27 10:24 - 2020-09-11 00:30 - 000000000 ___HD C:\Intel
2022-01-27 10:24 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-27 10:23 - 2021-03-31 12:06 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-27 00:38 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-27 00:37 - 2020-12-02 07:31 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-26 15:42 - 2021-03-31 12:07 - 000000000 ____D C:\Users\CESAR AUGUSTO
2022-01-26 15:03 - 2021-06-24 14:13 - 000000282 __RSH C:\ProgramData\ntuser.pol
2022-01-26 14:53 - 2021-06-21 18:37 - 000000000 ____D C:\Program Files\Stellar Data Recovery
2022-01-26 14:53 - 2021-06-21 12:21 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\nW6mI-7yS1k
2022-01-26 14:53 - 2021-06-21 11:18 - 000000000 ____D C:\ProgramData\60
2022-01-26 14:53 - 2021-06-21 11:17 - 000000000 ____D C:\ProgramData\66
2022-01-26 14:53 - 2021-06-21 11:17 - 000000000 ____D C:\Program Files (x86)\Company
2022-01-26 14:34 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-26 14:25 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-01-26 14:09 - 2020-12-23 18:35 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-26 14:05 - 2021-06-21 11:21 - 021233664 _____ C:\WINDOWS\system32\C_32770.NLS
2022-01-24 17:02 - 2020-12-04 08:26 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-24 17:02 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-24 17:02 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-24 16:59 - 2021-11-09 21:02 - 000000592 _____ C:\WINDOWS\Tasks\MATLAB R2021b Startup Accelerator.job
2022-01-22 00:31 - 2020-11-30 12:55 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\CrashDumps
2022-01-22 00:30 - 2021-12-11 11:00 - 000003126 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2694221440-3033398545-1844018541-1001
2022-01-22 00:30 - 2021-11-09 21:02 - 000003322 _____ C:\WINDOWS\system32\Tasks\MATLAB R2021b Startup Accelerator
2022-01-22 00:30 - 2021-06-27 17:45 - 000002234 _____ C:\WINDOWS\system32\Tasks\NitroSense
2022-01-22 00:30 - 2021-06-24 12:24 - 000002650 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-01-22 00:30 - 2021-06-22 14:44 - 000003982 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1624391081
2022-01-22 00:30 - 2021-06-22 14:44 - 000003720 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1624391072
2022-01-22 00:30 - 2021-06-21 11:18 - 000002838 _____ C:\WINDOWS\system32\Tasks\Firefox Default Browser Agent D2BCC463C39A6988
2022-01-22 00:30 - 2021-06-21 02:16 - 000003982 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1624259789
2022-01-22 00:30 - 2021-06-21 02:16 - 000003720 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1624259783
2022-01-22 00:30 - 2021-04-25 23:31 - 000003374 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72650cda261e2
2022-01-22 00:30 - 2021-04-06 09:39 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2694221440-3033398545-1844018541-1001
2022-01-22 00:30 - 2021-04-06 09:10 - 000003438 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{60644F42-85B0-4A4F-A239-78B3764B8658}
2022-01-22 00:30 - 2021-03-31 12:12 - 000004362 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2022-01-22 00:30 - 2021-03-31 12:12 - 000003910 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled assistant Autoupdate 1615899705
2022-01-22 00:30 - 2021-03-31 12:12 - 000003642 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1608758439
2022-01-22 00:30 - 2021-03-31 12:12 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-22 00:30 - 2021-03-31 12:12 - 000003546 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-22 00:30 - 2021-03-31 12:12 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-22 00:30 - 2021-03-31 12:12 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003322 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-22 00:30 - 2021-03-31 12:12 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:27 - 2021-04-06 09:39 - 000002456 _____ C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-21 00:41 - 2020-11-30 07:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Packages
2022-01-20 22:31 - 2021-09-07 13:05 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Ubisoft Game Launcher
2022-01-20 22:31 - 2021-03-31 12:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-20 21:28 - 2020-11-29 23:36 - 000000000 ____D C:\Program Files (x86)\Epic Games
2022-01-20 20:59 - 2020-09-11 00:37 - 000000000 ____D C:\Program Files (x86)\Intel
2022-01-20 20:59 - 2020-09-11 00:35 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-20 19:01 - 2020-12-29 12:26 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-01-20 01:18 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-19 23:41 - 2020-09-11 00:35 - 000000000 ____D C:\Program Files\Intel
2022-01-19 23:39 - 2020-09-11 00:36 - 000000000 ____D C:\ProgramData\Intel
2022-01-19 23:14 - 2020-11-30 07:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Intel
2022-01-19 14:49 - 2019-11-06 02:46 - 000000000 ___HD C:\OEM
2022-01-19 13:34 - 2021-07-01 22:14 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Telegram Desktop
2022-01-19 09:40 - 2020-11-30 14:50 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom
2022-01-19 08:21 - 2020-12-24 18:53 - 000192736 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-01-19 08:21 - 2020-12-24 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-01-19 08:21 - 2020-12-24 18:53 - 000000000 ____D C:\Program Files\Java
2022-01-19 03:12 - 2020-11-30 13:03 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\StardewValley
2022-01-19 02:34 - 2019-03-18 23:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-01-19 02:32 - 2021-06-21 11:18 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Yandex
2022-01-17 17:58 - 2021-06-05 16:56 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\obs-studio
2022-01-17 16:20 - 2020-12-05 19:10 - 000000000 ____D C:\Program Files\Epic Games
2022-01-16 21:58 - 2021-09-07 13:05 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2022-01-16 21:58 - 2021-09-07 13:05 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2022-01-16 18:15 - 2021-06-26 10:55 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2022-01-16 18:15 - 2020-11-30 13:00 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2022-01-15 17:10 - 2020-12-01 00:08 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-14 23:31 - 2020-12-24 19:06 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\NVIDIA
2022-01-13 22:37 - 2020-11-30 16:32 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Adobe
2022-01-12 15:44 - 2021-11-26 14:56 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-11 07:24 - 2020-12-04 08:34 - 000792688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-01-11 07:23 - 2021-09-30 11:30 - 007713392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-01-11 07:23 - 2021-09-30 11:30 - 005099176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-01-11 07:21 - 2021-09-30 11:30 - 006455824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-01-11 07:21 - 2020-12-04 08:34 - 007610232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-01-02 00:28 - 2021-07-06 14:42 - 000001451 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-29 11:40 - 2021-11-30 22:15 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Unity
2021-12-28 11:11 - 2020-12-23 16:20 - 000001585 _____ C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk

==================== Archivos en la raíz de algunos directorios ========

2021-06-21 12:31 - 2021-06-21 12:31 - 000000043 _____ () C:\Users\CESAR AUGUSTO\AppData\Roaming\3ffa.3ffa
2021-06-21 11:20 - 2021-06-21 11:20 - 000000558 _____ () C:\Users\CESAR AUGUSTO\AppData\Local\bowsakkdestx.txt
2021-07-17 13:04 - 2021-07-17 13:04 - 000007603 _____ () C:\Users\CESAR AUGUSTO\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

El reporte de Adition.txt lo dividiré en tres partes porque no me deja enviarlo de una. Parte 1:

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-01-2022
Ejecutado por CESAR AUGUSTO (27-01-2022 14:39:20)
Ejecutado desde C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop
Microsoft Windows 10 Home Versión 20H2 19042.1052 (X64) (2021-03-31 17:12:29)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-2694221440-3033398545-1844018541-500 - Administrator - Disabled)
CESAR AUGUSTO (S-1-5-21-2694221440-3033398545-1844018541-1001 - Administrator - Enabled) => C:\Users\CESAR AUGUSTO
DefaultAccount (S-1-5-21-2694221440-3033398545-1844018541-503 - Limited - Disabled)
Invitado (S-1-5-21-2694221440-3033398545-1844018541-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2694221440-3033398545-1844018541-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Norton Security Ultra (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security Ultra (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Norton Security Ultra (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
FW: Norton Security Ultra (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\uTorrent) (Version: 3.5.5.46038 - BitTorrent Inc.)
7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{E3930B59-5669-4BAB-A329-D56C1427C613}) (Version: 3.3.19180.100 - Acer)
Acer Network Optimizer (HKLM-x32\...\{3C8FA4F4-8471-4C60-9002-9B9F78B7B483}) (Version: 4 - Acer)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Anaconda3 2020.11 (Python 3.8.5 64-bit) (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Anaconda3 2020.11 (Python 3.8.5 64-bit)) (Version: 2020.11 - Anaconda, Inc.)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.2.0.34 - Autodesk)
Aplicaciones de Microsoft 365 para empresas - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.14729.20260 - Microsoft Corporation)
Aplicaciones destacadas de Autodesk 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
AutoCAD 2021 - Español (Spanish) (HKLM\...\{28B89EEF-4101-040A-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Autodesk Advanced Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{C9FDA270-A0B9-45EE-8748-F37DF1370767}) (Version: 19.1.23.0 - Autodesk)
Autodesk Advanced Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{7E78B513-B354-4833-8897-3ED5C515D30F}) (Version: 20.3.7.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2021 (HKLM-x32\...\{AB7DC10F-1D72-4F90-988F-CDC2D6323A48}) (Version: 19.1.23.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2022 (HKLM-x32\...\{EEAD8CC3-B6B7-4D4B-AF0D-4BBD3D93D67C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2022 (HKLM-x32\...\{493ACC3C-3ABF-4CBB-8F6E-E4433090A589}) (Version: 20.3.7.0 - Autodesk)
Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
Autodesk AutoCAD 2021 - Español (Spanish) (HKLM\...\AutoCAD 2021 - Español (Spanish)) (Version: 24.0.47.0 - Autodesk)
Autodesk Cloud Models for Revit 2021 (HKLM\...\{AA384BE4-2101-0030-0000-97E7D7D021A1}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Genuine Service (HKLM\...\{1C5DB7B1-CE18-438C-B071-3AD6B8ADA5A0}) (Version: 4.4.0.85 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{8C559572-4A10-43C2-9346-6E7C7E012487}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library 2022 (HKLM-x32\...\{A9221A68-5AD0-4215-B54F-CB5DBA4FB27C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{EFC36459-CD89-44F3-BA04-B7C5804199AF}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{6256584F-B04B-41D4-8A59-44E70940C473}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2021 (HKLM-x32\...\{AD6312B6-3056-460A-833F-02654FAC5FCE}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2022 (HKLM-x32\...\{490259AE-1021-4BED-B74B-162151EC45C7}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2021 (HKLM-x32\...\{69D8FFED-B14E-4998-BBC2-535006E195D6}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2022 (HKLM-x32\...\{8300AA3F-6ADF-4233-A1FB-73B1894102F0}) (Version: 20.3.7.0 - Autodesk)
Autodesk Revit 2021 (HKLM\...\{AA3C5F33-570B-3989-8542-D5DC0F759221}) (Version: 21.1.21.45 - Autodesk, Inc.)
Autodesk Revit 2021 Revit MEP Imperial Content (HKLM\...\{80B2AAE7-4B04-4BDE-B545-DA0298C548FD}) (Version: 2.2 - Autodesk) Hidden
Autodesk Revit 2021 Revit MEP Metric Content (HKLM\...\{18FAFC92-6F7A-4894-ACD1-19EC6C4E639B}) (Version: 2.2 - Autodesk) Hidden
Autodesk Revit Content Core 2021 (HKLM\...\{583895D0-2021-0410-0000-9241AD002DA5}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Core-RVT 2021 (HKLM\...\{CC7D1ED0-2021-0410-0000-1CC925969102}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Core-RVT 2021 (HKLM-x32\...\{1aa4d703-a089-48e4-b1d0-ae8e867add5f}) (Version: 21.0.0.0 - Autodesk) Hidden
Autodesk Revit Content Essential-CHS 2021 (HKLM\...\{848BACE1-2021-2052-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-CHT 2021 (HKLM\...\{848BACE1-2021-1028-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-CSY 2021 (HKLM\...\{848BACE1-2021-1029-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-DEU 2021 (HKLM\...\{848BACE1-2021-1031-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-DEU 2021 (HKLM-x32\...\{435bd39b-3dd5-416c-92fa-3c74410c8ea0}) (Version: 21.0.0.0 - Autodesk) Hidden
Autodesk Revit Content Essential-ENG 2021 (HKLM\...\{848BACE1-2021-2057-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-ENU 2021 (HKLM\...\{848BACE1-2021-1033-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-ENU 2021 (HKLM-x32\...\{cc2718e8-7490-46e0-b667-2d7b41238bc6}) (Version: 21.0.0.0 - Autodesk) Hidden
Autodesk Revit Content Essential-ESP 2021 (HKLM\...\{848BACE1-2021-1034-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-FRA 2021 (HKLM\...\{848BACE1-2021-1036-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-ITA 2021 (HKLM\...\{848BACE1-2021-1040-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-JPN 2021 (HKLM\...\{848BACE1-2021-1041-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-KOR 2021 (HKLM\...\{848BACE1-2021-1042-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-PLK 2021 (HKLM\...\{848BACE1-2021-1045-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-PTB 2021 (HKLM\...\{848BACE1-2021-1046-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-RUS 2021 (HKLM\...\{848BACE1-2021-1049-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Unit Schemas 2021 (HKLM\...\{CDCC6F31-2021-4912-8E9B-D562B70697B6}) (Version: 21.1.21.45 - Autodesk)
Autodesk Revit Unit Schemas 2022 (HKLM\...\{CDCC6F31-2022-4901-8E9B-D562B70697B6}) (Version: 22.0.2.392 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{B9F5BDED-021C-4926-8518-4FA7114B7040}) (Version: 12.3.3.1803 - Autodesk)
Autodesk Spanish Content for Revit 2022 (HKLM\...\{205C6D76-2022-1034-B227-DC6376F702DC}) (Version: 22.1.0.406 - Autodesk) Hidden
Autodesk Spanish Content for Revit LT 2022 (HKLM\...\{CE9E7254-2022-1034-A79C-D96B1058992D}) (Version: 22.1.0.407 - Autodesk) Hidden
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Batch Print for Autodesk Revit 2021 (HKLM\...\{82AF00E4-2101-0010-0000-FCE0F87021A1}) (Version: 21.1.21.45 - Autodesk) Hidden
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3019 - Acer Incorporated)
Discord (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Documentation Manager (HKLM\...\{E80BFF97-B9A6-41B6-8686-7A7CC235AB91}) (Version: 22.100.1.1 - Intel Corporation) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Dynamic Application Loader Host Interface Service (HKLM\...\{D492644D-815B-48F6-B079-6E1FE92FCFDE}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Enscape (HKLM\...\{205B2C56-8CA7-402C-A8B8-D614F8795204}) (Version: 3.1.2.55592 - Enscape GmbH)
Epic Games Launcher (HKLM-x32\...\{5EDB15EA-8B3E-4C51-AE28-7BFFE25208C2}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
EPSON L575 Series Printer Uninstall (HKLM\...\EPSON L575 Series) (Version:  - SEIKO EPSON Corporation)
eTransmit for Autodesk Revit 2021 (HKLM\...\{4477F08B-2101-0010-0000-9A09D83421A1}) (Version: 21.1.21.45 - Autodesk) Hidden
FormIt Converter For Revit 2021 (HKLM\...\{6865122A-3762-2021-A6C8-89011772ADA2}) (Version: 21.1.19.1 - Autodesk) Hidden
Generative Design For Revit (HKLM\...\{9001EBB9-B3FE-4A10-BA1C-DCBE352FCC57}) (Version: 21.11.1.0 - Autodesk)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
GoTrust ID Plugin 2.0.10.26 (HKLM\...\GoTrust ID Plugin) (Version: 2.0.10.26 - GoTrust ID Inc.)
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.53.3) (Version: 9.53.3 - Artifex Software Inc.)
Guardar en la versión web y para dispositivos móviles de Autodesk (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Hollow Knight MULTi2 - ElAmigos versión 1.4.3.2 (HKLM-x32\...\{1CD3BBBF-DF40-4A2B-9580-F1021E575C2C}_is1) (Version: 1.4.3.2 - Team Cherry)
Intel(R) Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel(R) Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation)
Intel(R) Computing Improvement Program (HKLM-x32\...\{56000ce0-6041-44e2-b87e-810aa3c8c54f}) (Version: 2.4.7642 - Intel Corporation) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{31949e15-2f6e-4f85-8280-9228b2ba14a9}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1946.12.0.1328 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6911 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1007 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1915.1 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001100-0220-1034-84C8-B8D95FA3C8C3}) (Version: 22.100.1.1 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{84a8d138-a6e7-4326-b967-45bd6df40976}) (Version: 22.100.1.1 - Intel Corporation) Hidden
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.2.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.2.157 - Malwarebytes)
MATLAB R2021b (HKLM\...\Matlab R2021b) (Version: 9.11 - MathWorks)
Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30129 (HKLM-x32\...\{b8c00579-2fe5-46b7-9752-8a13e5be7155}) (Version: 14.29.30129.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.9 (x86) (HKLM-x32\...\{adb8593e-4b1d-48bf-a86f-d39db017d999}) (Version: 3.1.9.29323 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\MiKTeX) (Version: 20.11 - MiKTeX.org)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
NitroSense Service (HKLM\...\{6FC78E80-6385-43D6-8A43-FA80094F1A2E}) (Version: 3.01.3012 - Acer Incorporated)
NVIDIA Controlador de audio HD 1.3.39.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 511.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.23 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.0.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
OpenStudio CLI For Revit 2021 (HKLM\...\{3BD91CC3-CA0A-4B3D-8950-C21BABFAF61F}) (Version: 0.1.17 - NREL)
OpenStudio CLI For Revit 2022 (HKLM\...\{7F84EE71-7DAF-4CEE-B063-FA3C931E1206}) (Version: 1.0.3 - NREL)
Opera GX Stable 82.0.4227.50 (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Opera GX 82.0.4227.50) (Version: 82.0.4227.50 - Opera Software)
OWN3D for OBS Studio version 1.4.7.0 (HKLM\...\{31A72556-7590-4678-AB69-96D602C95C02}}_is1) (Version: 1.4.7.0 - Own3d media GmbH)
Personal Accelerator for Revit (HKLM\...\{6E1DC831-145C-4FB6-97CC-714AB058D840}) (Version: 22.0.5.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 22.0.5.0 - Autodesk)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3017 - Acer Incorporated)
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Radmin VPN 1.2.1 (HKLM-x32\...\{4F6D003D-E674-4019-A4B5-CD632584CFE8}) (Version: 1.2.4457 - Famatech)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Revit 2021 (HKLM\...\{7346B4A0-2100-0510-0000-705C0D862004}) (Version: 21.1.21.45 - Autodesk) Hidden
Spanish Content for Autodesk Revit 2022 (HKLM\...\{1429076C-210B-3749-B574-5E1389A74BFE}) (Version: 22.1.0.406 - Autodesk, Inc.)
Spanish Content for Autodesk Revit LT 2022 (HKLM\...\{6EF2C3C6-747B-3663-B73A-08E186776A3B}) (Version: 22.1.0.407 - Autodesk, Inc.)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.12.22.273 - EnigmaSoft Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Data Recovery (HKLM\...\Stellar Data Recovery_is1) (Version: 9.0.0.3 - Stellar Information Technology Pvt Ltd.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.19.3 - TeamViewer)
Telegram Desktop version 3.4.3 (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.4.3 - Telegram FZ-LLC)
Texmaker 5.0.4 (64-bit) (HKLM-x32\...\{A0BF9BD0-B576-47A7-B650-0204CB190D28}) (Version: 5.0.4.0 - Texmaker)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.839 - TLauncher Inc.)
Tracker (HKLM-x32\...\OSP Tracker) (Version: 5.1.5 - Open Source Physics)
TranslucentTB (HKLM-x32\...\TranslucentTB_is1) (Version: 9.0.0.0 - TranslucentTB Open Source Developers)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
User Experience Improvement Program Service (HKLM\...\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}) (Version: 4.00.3106 - Acer Incorporated)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Worksharing Monitor for Autodesk Revit 2021 (HKLM\...\{5063E738-2101-0010-0000-7B7B9AB021A1}) (Version: 21.1.21.45 - Autodesk) Hidden
XSplit Gamecaster (HKLM-x32\...\{CAC84AB6-6C1D-41C5-A21C-1D48889E9C3B}) (Version: 3.4.1812.0308 - SplitmediaLabs)
YoutubeDownloader (HKLM-x32\...\8C0F71DE-0916-4A6F-8C72-6DE437DA32BB) (Version: 2.0.0.1619 - )
Zoom (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Acer Collection S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollectionS_1.0.3004.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3024.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3019.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Corporation)
Dropbox - promoción -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2021-06-21] (Dropbox Inc.)
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2021-06-21] (GoTrustID Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-06-21] (INTEL CORP)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-06-21] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Studios) [MS Ad]
NitroSense_V31 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseV31_3.1.3012.0_x64__48frkmn4z8aw4 [2021-06-27] (Acer Incorporated)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2022-01-14] (NVIDIA Corp.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2021-06-21] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2021-06-21] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3017.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-12-03] (Adobe Systems Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2021-10-06] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-21] (Spotify AB) [Startup Task]
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3106.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-06-21] (VideoLAN)
Waves MaxxAudio For Acer -> C:\Program Files\WindowsApps\WavesAudio.20761030F5EAC_1.0.67.0_x64__fh4rh281wavaa [2021-06-21] (Waves Audio)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{04271989-C4D2-A882-C56E-8AF8B5E46641} -> [OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER] => C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER [2020-12-01 07:19]
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\es-ES\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Archivo no firmado] [El archivo está en uso]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Archivo no firmado] [El archivo está en uso]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\nvshext.dll [2022-01-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /K ""C:\Users\CESAR AUGUSTO\anaconda3\Scripts\activate.bat" "C:\Users\CESAR AUGUSTO\anaconda3""

==================== Módulos cargados (Lista blanca) =============

2022-01-16 17:21 - 2021-12-26 09:00 - 000093696 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2021-07-23 11:36 - 2021-07-23 11:36 - 001638912 _____ (Robert Simpson, et al.) [Archivo no firmado] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2021-07-23 11:36 - 2021-07-23 11:36 - 002122240 _____ (SQLite Development Team) [Archivo no firmado] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\CESAR AUGUSTO\Datos de programa:eb92b835a834003ac00ee2632de0e925 [394]
AlternateDataStreams: C:\Users\CESAR AUGUSTO\AppData\Roaming:eb92b835a834003ac00ee2632de0e925 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9270]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer (Lista blanca) ==========

SearchScopes: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001 -> DefaultScope {828C1182-676C-438B-886C-A282A60B46E7} URL = 
SearchScopes: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001 -> {828C1182-676C-438B-886C-A282A60B46E7} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\sharepoint.com -> hxxps://correouisedu-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-03-18 23:49 - 2022-01-19 02:32 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\MATLAB\R2021b\runtime\win64;C:\Program Files\MATLAB\R2021b\bin;
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 190.157.8.100 - 190.157.8.101
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Radmin VPN: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "pac"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "haleng"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\StartupFolder: => "3ffadc7a.exe"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\Run: => "Prun"

Parte 2:

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{55884889-3C47-4F82-BE5D-DF9E24763456}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{03C06329-3200-424E-800C-A84CDBB537C2}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{DCF7EEC0-9C7E-4257-A042-768AE2712AD2}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{019D8BCE-F65B-4B5E-88BD-6525FD18EDD8}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{464C174D-9BFF-4E14-9542-888E6D58BD33}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{0C8A09D8-9736-4C0F-B6EA-F53D0782FA53}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{7389770C-9CBB-4A65-87BA-CA30D871DC41}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.396\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.396\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{457BB0C6-1D26-4373-9F3D-5BAA98332D35}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.396\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.396\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{92C8C6D7-4733-4CBA-A511-10DACC755645}C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.487\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.487\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{2940A571-3388-4799-B9DA-5D75FD50419F}C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.487\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.487\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{7DD623D5-A736-4BAE-B6E5-E84E5A9AB613}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [TCP Query User{86DB1E87-F925-410E-8375-991BADBE17F3}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [UDP Query User{AF784F14-1608-4B38-AFE1-31E95BB3E365}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{E83627EC-A38A-4933-86D7-28B44C7124A0}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [Archivo no firmado]
FirewallRules: [{9EDBFB53-B974-4AE9-B2BA-A34F9651E19D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{FFED554E-7F8E-4B11-B42D-9FC87325C997}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{4DFCBE12-14D8-4EF7-A86F-CF8113A1864C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{83F373BA-058E-42FC-B263-D1256AB00DCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{B0A1E6ED-15F9-4149-AF2F-9B5E74942600}C:\users\cesar augusto\onedrive - universidad industrial de santander\desktop\among us 2020.12.9 suscribete a jeylini\among us.exe] => (Allow) C:\users\cesar augusto\onedrive - universidad industrial de santander\desktop\among us 2020.12.9 suscribete a jeylini\among us.exe => Ningún archivo
FirewallRules: [TCP Query User{8A0EE117-CD64-4CBC-B962-331C5FA9D538}C:\users\cesar augusto\onedrive - universidad industrial de santander\desktop\among us 2020.12.9 suscribete a jeylini\among us.exe] => (Allow) C:\users\cesar augusto\onedrive - universidad industrial de santander\desktop\among us 2020.12.9 suscribete a jeylini\among us.exe => Ningún archivo
FirewallRules: [UDP Query User{F8EF71AC-0403-40FE-9CF0-2D991ACAC03B}C:\program files (x86)\steam\steamapps\common\nomads of driftland\nomads\binaries\win64\nomads-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\nomads of driftland\nomads\binaries\win64\nomads-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{9DB65C10-80F6-4C6C-B802-1BC5FE46598C}C:\program files (x86)\steam\steamapps\common\nomads of driftland\nomads\binaries\win64\nomads-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\nomads of driftland\nomads\binaries\win64\nomads-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{B202223C-95A7-4772-9483-6BE1C1BB114B}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [TCP Query User{E48FB5BC-CA48-4052-8849-44B34E6B0F79}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [UDP Query User{04A17AF4-5537-4CB9-B04C-4C099B4E5359}C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.465\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.465\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{943FA5D3-B403-481E-9589-E45766BE441D}C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.465\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.465\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{878CB4D7-5B16-4911-BE7B-FB8D930B6959}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{9DC768A2-CF47-4E06-830B-387D9F8D83F3}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{B56D4A9C-3269-4E84-B330-613282B093AC}C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.459\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.459\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{13DCBCDC-6106-4EF6-A160-52CF109C7BB8}C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.459\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\72.0.3815.459\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{FEF650CF-48B8-4EBD-861A-B5135721AE00}C:\program files\epic games\smite\binaries\win64\smite.exe] => (Allow) C:\program files\epic games\smite\binaries\win64\smite.exe => Ningún archivo
FirewallRules: [TCP Query User{6245BE45-7738-4F67-8492-347411FB308B}C:\program files\epic games\smite\binaries\win64\smite.exe] => (Allow) C:\program files\epic games\smite\binaries\win64\smite.exe => Ningún archivo
FirewallRules: [{6C0509D6-F7C0-41CD-A5DF-44230EFDC5AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E82137A8-6F20-419E-A5B9-64182717C143}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FF265286-99B9-43E0-BA21-8B6DFE179C48}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{E0FE3AB6-90AB-44B5-8C30-381EEC2361AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Ningún archivo
FirewallRules: [{480B5EC9-D5FC-4BF5-9A45-30BF684B73A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1FFD07AB-5AC3-4FB0-8EB3-E9126883C078}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{5A59DF9E-E70D-48BB-AFD0-08A8499229D9}C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7B430523-D3F0-479B-9011-3C0D9DBE073D}C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B00C0C0-9E1E-40B6-BAFF-86DB177998B7}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B7AE1EC3-D051-45DD-822F-7B27E5B9FFA7}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FDA7A803-3D7A-4132-BA79-1F9ADEF631A0}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5BABB899-BE61-4C1B-8212-53AB96BC6C5A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Ningún archivo
FirewallRules: [{4ADC6AA0-3534-407C-A15F-60522E96C191}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{7F174C44-AC8E-477A-A212-E2CFF94C0B8F}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{961565F1-D8C2-4394-A32B-3B32D2BAB44C}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{2BF584AC-748B-4855-822F-EED04FF05B00}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{5286D2D3-385A-49CD-924F-F288408E73A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23242948-F517-4452-BB8D-306F11735E46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{A3E89B87-FB60-4A31-A8E4-10CEF25BAF57}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.421\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.421\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{0E9175F3-553C-4EFE-A04F-94BB71636C10}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.421\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.421\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{D45A0DD2-BB4E-49AE-B57E-FFC459EF7FD2}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{4EF68C8B-1E68-473A-B884-D947CD25EB59}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{4EB199CF-E2FE-4276-8F64-1A60EB463CD4}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{DE5AE257-C238-4764-9B5D-E692466C5914}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{812546F1-37FF-440F-9DD2-C1A89456A657}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.434\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.434\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{F8CAC5F6-8029-4B57-8995-FB5B59A25F1D}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.434\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.434\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{B7996CCE-F655-4976-8ED9-7DA4313A5722}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.438\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.438\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{DCBFD527-53B7-4DF7-990E-A05EECF264F6}C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.438\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\73.0.3856.438\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{0298A04E-09CB-4D0C-AD0D-27DFC46D63D6}C:\users\cesar augusto\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\cesar augusto\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{AE9330D9-F763-43D3-85BC-7366181C74C8}C:\users\cesar augusto\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\cesar augusto\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{712BD8F8-FFF9-4F2B-AB64-8E7C35CE17FA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DED540D5-3D1D-49E0-8585-79828EC63152}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4FEDC7EC-F783-4FEC-B070-70700A9EA2F4}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{AFF2DDDB-8E43-43CD-9B1E-88AAE90CD3F3}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{EA4C321E-2BF0-4961-BBB6-E51298A0F9B5}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files\epic games\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [UDP Query User{9A5F8853-A89A-41C2-B78D-A2C8C2AEAC3E}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files\epic games\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [TCP Query User{B0F5E85B-6D43-41A6-8AE6-BE869B563A3C}C:\users\cesar augusto\appdata\local\enlisted\win64\enlisted.exe] => (Allow) C:\users\cesar augusto\appdata\local\enlisted\win64\enlisted.exe => Ningún archivo
FirewallRules: [UDP Query User{A90D5C03-C8D1-4053-89C1-A31FD807AA06}C:\users\cesar augusto\appdata\local\enlisted\win64\enlisted.exe] => (Allow) C:\users\cesar augusto\appdata\local\enlisted\win64\enlisted.exe => Ningún archivo
FirewallRules: [TCP Query User{6C0412E3-6C01-4A8E-B714-3DB341AD24D2}C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.259\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.259\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{CC6081A5-0F31-4A14-8A5E-7889B4281165}C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.259\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.259\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{2363A0ED-F6C2-4E8D-9CC3-E278700A756E}C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.267\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.267\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{E6711397-AA0B-4FC0-B670-40A0B9DAC78E}C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.267\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.267\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{AE365190-FBFE-4BE8-B476-8DF06D6521F0}C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.279\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.279\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{B8A7DB79-7558-4EAC-8F90-DDF9171A3FCC}C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.279\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.279\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{AA51A999-2CF4-4D39-9F8B-5A1A60452DF9}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe => Ningún archivo
FirewallRules: [UDP Query User{DAD45C4F-E911-4482-96A3-CE190FB68F93}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe => Ningún archivo
FirewallRules: [TCP Query User{06EBB6E5-1152-4967-BED2-5702882FEE97}C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.282\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.282\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{B7AF59CE-A364-4DE2-BBDD-A8EFFD253EB1}C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.282\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.282\opera.exe => Ningún archivo
FirewallRules: [{8DBCF1AA-83CE-4A45-B132-6B60CAE91120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B78DA11A-FC07-4F4E-91F3-DAEF62FE1FAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B0CB1EF-4F20-46CA-9661-0D918C79F86A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF1DEEC9-4803-45C7-A63B-54515D028310}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1625E223-DC2E-44DE-A6AC-34508ACABCAA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C91F8DD-1DD3-488D-BB42-300834FF8D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E91EDEB2-6474-4529-9C02-96D7DD0EA03E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{774E1860-4277-4022-B583-BEF928970504}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B51C9AA-7E01-45D8-B84A-4A73ECC143BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5F98CDD4-04B2-41A4-B318-BED14D2EF3CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC1E7772-4614-4767-A335-5BD6AEB1CB12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F53367EA-96A9-4B45-BF52-55E97BCE88CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{6B360B6D-FB34-40BA-8A3B-54013A72CCB5}C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.285\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.285\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{5425C596-50B1-4354-B561-31E7B5F58B1C}C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.285\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\75.0.3969.285\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{E3F82FEA-4214-4342-8242-4A4EB4BCCC44}C:\users\cesar augusto\onedrive - universidad industrial de santander\desktop\de.goty.pivigames.blog\dead.island.goty.pivigames.blog\data\deadislandgame.exe] => (Allow) C:\users\cesar augusto\onedrive - universidad industrial de santander\desktop\de.goty.pivigames.blog\dead.island.goty.pivigames.blog\data\deadislandgame.exe => Ningún archivo
FirewallRules: [UDP Query User{99776BAA-353E-4D7C-960C-83DF9C25909D}C:\users\cesar augusto\onedrive - universidad industrial de santander\desktop\de.goty.pivigames.blog\dead.island.goty.pivigames.blog\data\deadislandgame.exe] => (Allow) C:\users\cesar augusto\onedrive - universidad industrial de santander\desktop\de.goty.pivigames.blog\dead.island.goty.pivigames.blog\data\deadislandgame.exe => Ningún archivo
FirewallRules: [{E1CD4811-BCF2-41C2-8D28-AC07A865D18D}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\77.0.4054.90\opera.exe => Ningún archivo
FirewallRules: [{7A26E72D-5898-45AA-80C2-230FAE8324CF}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\77.0.4054.90_0\opera.exe => Ningún archivo
FirewallRules: [{B8848F53-D656-4C2B-BADD-B4FF97E2E7E4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8F4FF402-59D1-40E2-88D5-3A319D69B356}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8B4CFAF7-65CB-4A10-A878-3840B98FB06E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{522FFD23-BBEB-4A60-B8F6-A15CAF0A0AE4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5170F499-4AEF-4FEA-891D-26C1840A6392}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F251A822-F938-45A3-8768-7AD04A6F2963}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{ED8892C2-851E-4B8E-91E0-8A864EE450E1}C:\program files (x86)\techland\dead island - game of the year edition\deadislandgame.exe] => (Allow) C:\program files (x86)\techland\dead island - game of the year edition\deadislandgame.exe => Ningún archivo
FirewallRules: [UDP Query User{F36F9BAC-5902-476F-8AF2-1EBE32594F40}C:\program files (x86)\techland\dead island - game of the year edition\deadislandgame.exe] => (Allow) C:\program files (x86)\techland\dead island - game of the year edition\deadislandgame.exe => Ningún archivo
FirewallRules: [TCP Query User{FD658DF9-9E34-49B6-815C-C2A2769FF6C7}C:\program files\epic games\amongus\among us.exe] => (Allow) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{E34710D9-2C2C-4409-A160-F21AB021F48D}C:\program files\epic games\amongus\among us.exe] => (Allow) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [{2890BC1C-E569-455D-8211-E982B544B1B7}] => (Block) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [{9F11DF56-7E11-4FB3-A033-46D7FB71429F}] => (Block) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{F44E6C3D-2203-4C46-86DA-FD863A0865AB}C:\program files\epic games\overcooked2\overcooked2.exe] => (Allow) C:\program files\epic games\overcooked2\overcooked2.exe => Ningún archivo
FirewallRules: [UDP Query User{7B788C36-669A-47A0-99D2-93C7E2C8B090}C:\program files\epic games\overcooked2\overcooked2.exe] => (Allow) C:\program files\epic games\overcooked2\overcooked2.exe => Ningún archivo
FirewallRules: [{E8120337-4678-4CCA-9F4C-5EC1796939DF}] => (Block) C:\program files\epic games\overcooked2\overcooked2.exe => Ningún archivo
FirewallRules: [{855D92E0-F147-4DE1-B556-514E20E1FE92}] => (Block) C:\program files\epic games\overcooked2\overcooked2.exe => Ningún archivo
FirewallRules: [TCP Query User{4939B04F-8264-4AAB-9F34-28FA563A9F03}C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.208\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.208\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{7D03E7F8-A71F-4E7D-B6D8-CFE045179A9F}C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.208\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.208\opera.exe => Ningún archivo
FirewallRules: [{6EFBB71E-265C-4566-A1A3-A4E469738E9C}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.208\opera.exe => Ningún archivo
FirewallRules: [{D8BD0DFA-0F28-4B49-8C62-7B7924CFDB89}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.208\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{930A7288-86BB-490F-AE7E-502D99F1E7F6}C:\users\cesar augusto\downloads\stardew valley v1.5.4\stardew valley.exe] => (Allow) C:\users\cesar augusto\downloads\stardew valley v1.5.4\stardew valley.exe => Ningún archivo
FirewallRules: [UDP Query User{86CFAEA6-8478-494C-B783-7B4CAF24851D}C:\users\cesar augusto\downloads\stardew valley v1.5.4\stardew valley.exe] => (Allow) C:\users\cesar augusto\downloads\stardew valley v1.5.4\stardew valley.exe => Ningún archivo
FirewallRules: [{6823084C-64B0-4FDA-8A43-9EDF7DF63E15}] => (Block) C:\users\cesar augusto\downloads\stardew valley v1.5.4\stardew valley.exe => Ningún archivo
FirewallRules: [{6AC99F96-6106-4DA4-BE5B-03B8EBF5BC9B}] => (Block) C:\users\cesar augusto\downloads\stardew valley v1.5.4\stardew valley.exe => Ningún archivo
FirewallRules: [TCP Query User{228FB806-597A-4506-B08D-DD1CD0BDA64C}C:\program files (x86)\stardew valley v1.5.4\stardew valley.exe] => (Allow) C:\program files (x86)\stardew valley v1.5.4\stardew valley.exe => Ningún archivo
FirewallRules: [UDP Query User{581F4029-ED9D-4897-89B4-9D1F8762C981}C:\program files (x86)\stardew valley v1.5.4\stardew valley.exe] => (Allow) C:\program files (x86)\stardew valley v1.5.4\stardew valley.exe => Ningún archivo
FirewallRules: [{5FFDDD4D-4317-463D-A518-95BEC445AE94}] => (Block) C:\program files (x86)\stardew valley v1.5.4\stardew valley.exe => Ningún archivo
FirewallRules: [{B0ADF2D8-E8B8-49A8-89B2-E5B7C67198AD}] => (Block) C:\program files (x86)\stardew valley v1.5.4\stardew valley.exe => Ningún archivo
FirewallRules: [TCP Query User{36DC6DB8-11B0-4413-A6AD-2108FB36A378}C:\games\it takes two\nuts\binaries\win64\ittakestwo.exe] => (Allow) C:\games\it takes two\nuts\binaries\win64\ittakestwo.exe => Ningún archivo
FirewallRules: [UDP Query User{15BB9F30-1979-4CBA-BF6D-A8763EF9E0FD}C:\games\it takes two\nuts\binaries\win64\ittakestwo.exe] => (Allow) C:\games\it takes two\nuts\binaries\win64\ittakestwo.exe => Ningún archivo
FirewallRules: [{64A821F1-9795-4287-9F72-AA65501B0937}] => (Block) C:\games\it takes two\nuts\binaries\win64\ittakestwo.exe => Ningún archivo
FirewallRules: [{DA2BF398-FD47-4E71-BF05-1614BB3039B4}] => (Block) C:\games\it takes two\nuts\binaries\win64\ittakestwo.exe => Ningún archivo
FirewallRules: [TCP Query User{912510BB-29C8-4F4A-BBF4-EC7DC5EE83B9}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{C3CE7BB2-16EA-407E-AA1C-E8434C6B6BB7}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{487C9CFE-B61E-44C4-B8BD-AFF9704F670B}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{0CF33E77-C4FF-4090-B5C4-1E3D4D0C5756}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{60975678-93B1-4FDF-A8C2-407A925A3DF9}C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.227\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.227\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{85CA4959-F44F-465A-B37A-F85C650BDA1D}C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.227\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.227\opera.exe => Ningún archivo
FirewallRules: [{1AE901D2-144D-4110-ABCE-10054532DC66}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.227\opera.exe => Ningún archivo
FirewallRules: [{6EC96DD3-72DC-4A50-9AD7-0E9B09BA2B10}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\76.0.4017.227\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{0B9564BF-9DE4-438F-ABFD-150A3FC8C388}C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.257\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.257\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{66D55BC8-2B42-4E4C-A350-E69A2C65D12B}C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.257\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.257\opera.exe => Ningún archivo
FirewallRules: [{CE3F8FFF-FF9C-46DD-A0F6-578287DEC106}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.257\opera.exe => Ningún archivo
FirewallRules: [{F5350DCB-E15D-4425-A922-31FF358D880C}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.257\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{EBABC06F-A7BC-46F6-AA67-58E5B8DDA76A}C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.275\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.275\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{EE00D711-688B-41F0-8840-9543BB8EEF02}C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.275\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.275\opera.exe => Ningún archivo
FirewallRules: [{EE31416C-D43F-4AF3-ABC2-FD9AE550FEE9}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.275\opera.exe => Ningún archivo
FirewallRules: [{D3BBEB68-B74E-4611-B140-458B800DED8A}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\77.0.4054.275\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{5A4741F4-8418-4A8E-8944-99FDD29CBA91}C:\program files\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_301\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{AAD6867F-FB3A-480E-ACED-B145042F33E9}C:\program files\java\jre1.8.0_301\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_301\bin\javaw.exe => Ningún archivo
FirewallRules: [{38ACB3DF-7017-4CAF-B746-3991372B8CD6}] => (Block) C:\program files\java\jre1.8.0_301\bin\javaw.exe => Ningún archivo
FirewallRules: [{288E0D98-0497-46BA-8CA2-F2B88EB0F053}] => (Block) C:\program files\java\jre1.8.0_301\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{F30B8726-8767-490B-9D9D-F9A8FEB82EC5}C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.153\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{64D26E29-AAAE-46CE-8465-5A29B6FDCCCE}C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.153\opera.exe => Ningún archivo
FirewallRules: [{70C83F0B-FA37-4A7C-80C4-BB607513A7DB}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.153\opera.exe => Ningún archivo
FirewallRules: [{D2D1521E-ECA3-44E6-B22A-E8618448B3DD}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.153\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{2F0F62C0-C291-4947-BE7B-95BDD90FF8FA}C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [UDP Query User{8F306B49-04FA-4BE3-AF12-4DF3B6A963BE}C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [{77B5691F-731D-4B70-BCC4-5C53944A8D6B}] => (Block) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [{CC93057B-AC04-41FE-9023-37C7ADE7EC7B}] => (Block) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [TCP Query User{77F02556-EBE7-42E5-9B68-DE9572CF57C2}C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.186\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{AB7AF154-7885-4A70-B39C-D8DD5D4AFC4E}C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.186\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => Ningún archivo
FirewallRules: [{B19848B3-69FE-4B20-AE3E-7ACFDE571AFA}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => Ningún archivo
FirewallRules: [{7FF5C1E7-8C91-477D-ADCF-7C3883B0BA06}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{E1AD0F0A-1F87-4BB6-A238-3D811D40AED0}C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.214\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Ningún archivo
FirewallRules: [UDP Query User{C6628E30-CA65-4CCD-A894-03A7BC9B8659}C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.214\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Ningún archivo
FirewallRules: [{2BB61F29-8A24-4D02-A491-FC3EA23B6E98}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Ningún archivo
FirewallRules: [{66B821A7-D5C8-4392-A6E5-3D523F59BA1A}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Ningún archivo
FirewallRules: [TCP Query User{002AB36E-3388-40F6-BE7C-EE0FE04C5B07}C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{D4DE275E-E014-46E8-B375-E16691FC12A8}C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E369195B-2092-4356-99F5-557EDA3EE683}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{3B52EAD9-D646-44E2-9AF8-10E9D89C77C3}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{ECFF8A5A-8A27-4BF5-9610-AD8197A5725C}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{A43EE680-DC7F-490E-92D8-CDE76C656583}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{2F775916-0BC1-401E-A0A6-FB9FADC1E66A}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{7C843BC3-C788-4558-8A01-EF6F6836F34B}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{512AE51D-723D-4D2D-A214-C40A67836927}C:\program files\epic games\nioh\nioh.exe] => (Allow) C:\program files\epic games\nioh\nioh.exe => Ningún archivo
FirewallRules: [UDP Query User{AF881AF1-B2E2-4B64-8088-C73B2DC3BEE6}C:\program files\epic games\nioh\nioh.exe] => (Allow) C:\program files\epic games\nioh\nioh.exe => Ningún archivo
FirewallRules: [{30B3FED6-E689-4AC7-94C6-8E353BDFF67E}] => (Block) C:\program files\epic games\nioh\nioh.exe => Ningún archivo
FirewallRules: [{B8F38167-4212-4C44-BE4F-6628533D0E43}] => (Block) C:\program files\epic games\nioh\nioh.exe => Ningún archivo
FirewallRules: [TCP Query User{62E5A4DE-50DA-46F2-8D9B-2FE766A3E2C8}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => Ningún archivo
FirewallRules: [UDP Query User{1C40A19E-AFF3-4764-BE9F-759B0273E0E3}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => Ningún archivo
FirewallRules: [{FEF3A29B-D57F-4ED0-84EA-6A62A91B9595}] => (Block) C:\program files\epic games\gtav\gta5.exe => Ningún archivo
FirewallRules: [{EE336643-876D-4E2B-921F-72FCC3C79927}] => (Block) C:\program files\epic games\gtav\gta5.exe => Ningún archivo
FirewallRules: [{9B5EB4D2-FA08-45D4-A737-682FBA2670CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Archivo no firmado]
FirewallRules: [{ED2BF18B-A7F8-4D32-96D4-FD39B677FD60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Archivo no firmado]
FirewallRules: [{2C765929-1E68-44A6-95F4-F1174E6943A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{73AEB755-41DD-4B50-AB75-B1F0976C2D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{1B0D8E3A-C9F0-4618-8DF7-E83D665DE7A6}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Ningún archivo
FirewallRules: [{D615BD22-1482-4740-B2E6-C26D40D90428}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Ningún archivo
FirewallRules: [{0668BAC8-AB1D-4E70-B311-6A26B4C69FA4}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Ningún archivo
FirewallRules: [TCP Query User{B9537C6C-21BD-4160-AD1D-92EF1C6F572E}C:\program files\epic games\godfall\aperion\binaries\win64\aperion-win64-shipping.exe] => (Allow) C:\program files\epic games\godfall\aperion\binaries\win64\aperion-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{54B0AE52-B2C6-451C-980E-96283909B04D}C:\program files\epic games\godfall\aperion\binaries\win64\aperion-win64-shipping.exe] => (Allow) C:\program files\epic games\godfall\aperion\binaries\win64\aperion-win64-shipping.exe => Ningún archivo
FirewallRules: [{C562BD1C-9887-49C0-BA01-6E2C56ADFF8B}] => (Block) C:\program files\epic games\godfall\aperion\binaries\win64\aperion-win64-shipping.exe => Ningún archivo
FirewallRules: [{2CAE7926-3436-4027-8AF9-751BDE294E1F}] => (Block) C:\program files\epic games\godfall\aperion\binaries\win64\aperion-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{CC05642F-6560-4D64-B1F6-0DCA8EF80A23}C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{A102873C-AA38-4243-AA37-6EA59C23AD6F}C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{B72B5323-5A8B-426C-AE71-B41C90245D4B}] => (Block) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{7D0FB500-F6CA-4096-803A-863C60CFBADB}] => (Block) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{41EE41A4-E632-4D5D-A0F3-1C6EC847101E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A908FC3F-002A-4A17-9C84-5FEFA47436A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C41B3630-E56C-4B54-B0E9-AC183D29217D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3648D681-3985-4CD8-8D68-051C1DD28260}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{00DE08E9-6D69-4F72-898E-A9B641C45C98}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{D2F40B0A-D32B-4380-86DD-0351C74B7EC9}C:\program files\java\jre1.8.0_311\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{CA95A737-0760-4285-8AB2-1245B721076D}C:\program files\java\jre1.8.0_311\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\javaw.exe => Ningún archivo
FirewallRules: [{2698ECCA-EC12-4D7E-A32E-1B9B8A85C556}] => (Block) C:\program files\java\jre1.8.0_311\bin\javaw.exe => Ningún archivo
FirewallRules: [{F6FCD769-B93B-4A1A-AD72-45D21FA4484C}] => (Block) C:\program files\java\jre1.8.0_311\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{137EE273-46D8-416D-843F-C2E8FB653A91}C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{8AB92D63-1657-400F-8546-F36522E13BD8}C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{15789780-86AE-477F-A553-205D9AFFAFB3}] => (Block) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{20963D63-8735-44F7-ACBC-3CCF414F5CFD}] => (Block) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{737BEBA2-F9A8-4722-893B-D1AFBF68E717}C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{59CBC86E-AF1E-48EB-B89E-3F19DC017AA4}C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{DB1063CC-E700-4CC9-9BFD-56C5B79A2203}] => (Block) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{64C765A2-F6BA-409D-8EB6-5FC0B3D18CA3}] => (Block) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{7AB3E4F7-A67B-42DF-8923-996A63648B83}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2B4E5E94-6CF2-413C-BB8D-31F266D63DB0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CCE0872-BAC2-4270-B602-31D97B3A981E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8836F4DF-307B-4A9C-A639-E1F28E903C1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{DD1B23D1-5E2F-4019-B92A-3C272F1A3265}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{4EA6B41B-660F-4393-B478-458327949712}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [Archivo no firmado]
FirewallRules: [{958AA167-741C-40CF-B274-6DF2006A594D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{4D6B66E0-40A1-452C-990B-8F2438DB975E}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{539A913D-AD08-4D80-AE81-296FA3AA0682}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{31E6BFA9-80F5-412B-A264-0D6CE45C8641}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{3181C7C3-D9F9-4FAD-8DAC-076797B93A99}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{A5163E51-4754-4B37-BEBA-0B40FE36E82E}] => (Allow) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.)
FirewallRules: [TCP Query User{8C0600D8-10C0-429E-B880-56936C103AE3}C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe] => (Allow) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [UDP Query User{58A7C90C-6228-474D-85FF-B25BD31F8E27}C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe] => (Allow) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [{7C54A6AF-9956-4394-A318-6D36AADC6B7A}] => (Block) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [{09F36F46-E608-4985-A756-6620FAD09AA5}] => (Block) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [{4C3AD855-3C45-443D-B0B1-CA9921C75444}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{3B7CC10B-F5DB-43E4-BD32-AEF3900F5A65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1CCD0BBB-CAE2-4069-9868-0597AC8239F5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{602B2C85-B6AA-4650-96E7-A5024FAC450A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D1E083A2-678D-4BDD-B944-292EEF866CD2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5D8EF0BF-4683-48FD-95C4-3A9CCC1C6A5F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8CD809C4-68ED-44C4-AA1F-0E57E2D084BE}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{F28159F5-8EA3-42F9-A04E-E50480E00395}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{777572C1-1D3A-4EB3-B48E-3111D160C349}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{E7B2ED9F-A0B1-45E6-B1CB-0091DBAEE77D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{A07EC104-E526-4335-8881-AF270A1B28C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devour\DEVOUR.exe () [Archivo no firmado]
FirewallRules: [{E654CF2E-5928-4DD6-B08B-1A70F9D854B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devour\DEVOUR.exe () [Archivo no firmado]
FirewallRules: [{AB407CB7-6A03-467F-BF7B-3EAE6E5D974F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Puntos de Restauración =========================

27-01-2022 11:30:23 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/26/2022 02:54:27 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (01/22/2022 12:31:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AcrobatNotificationClient.exe, versión: 0.0.0.0, marca de tiempo: 0x5b98af46
Nombre del módulo con errores: combase.dll, versión: 10.0.19041.1052, marca de tiempo: 0x0f4e8111
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x002065c1
Identificador del proceso con errores: 0x240c
Hora de inicio de la aplicación con errores: 0x01d80f513620f49b
Ruta de acceso de la aplicación con errores: C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\combase.dll
Identificador del informe: 3ce59d3c-0843-4392-88e0-bc55328a68a1
Nombre completo del paquete con errores: ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r
Identificador de aplicación relativa del paquete con errores: App

Error: (01/22/2022 12:30:03 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-PKMCITN5)
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (01/21/2022 07:12:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: WaaSMedicAgent.exe, versión: 10.0.19041.662, marca de tiempo: 0xc38bc2fc
Nombre del módulo con errores: WaaSMedicCapsule.dll, versión: 10.0.19041.662, marca de tiempo: 0x5eff0ccc
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000000ae62
Identificador del proceso con errores: 0x32f0
Hora de inicio de la aplicación con errores: 0x01d80f243001cf3d
Ruta de acceso de la aplicación con errores: C:\WINDOWS\System32\WaaSMedicAgent.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\WaaSMedicCapsule.dll
Identificador del informe: 217adda1-a798-4a9e-a8ac-d04dbc6e7d11
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (01/21/2022 07:12:15 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-PKMCITN5)
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (01/21/2022 09:23:24 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-PKMCITN5)
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (01/20/2022 10:31:07 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-PKMCITN5)
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (01/20/2022 06:56:56 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-PKMCITN5)
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.


Errores del sistema:
=============
Error: (01/27/2022 02:36:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/27/2022 02:34:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio wuauserv se cerró con el siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (01/27/2022 02:27:40 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PKMCITN5)
Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/27/2022 02:25:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio wuauserv se cerró con el siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (01/27/2022 02:25:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/27/2022 02:23:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio wuauserv se cerró con el siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (01/27/2022 02:23:40 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PKMCITN5)
Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/27/2022 02:21:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio wuauserv se cerró con el siguiente error: 
El sistema no puede encontrar el archivo especificado.


Windows Defender:
================
Date: 2022-01-19 08:40:01
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Raccoon.DM!MTB&threatid=2147810746&enterprise=0
Nombre: Trojan:Win32/Raccoon.DM!MTB
Id.: 2147810746
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\CESAR AUGUSTO\AppData\Roaming\acbtsbr
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: LAPTOP-PKMCITN5\CESAR AUGUSTO
Nombre de proceso: C:\Windows\System32\svchost.exe
Versión de inteligencia de seguridad: AV: 1.355.2164.0, AS: 1.355.2164.0, NIS: 1.355.2164.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-19 08:33:17
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Raccoon.DM!MTB&threatid=2147810746&enterprise=0
Nombre: Trojan:Win32/Raccoon.DM!MTB
Id.: 2147810746
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\CESAR AUGUSTO\AppData\Roaming\acbtsbr
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: LAPTOP-PKMCITN5\CESAR AUGUSTO
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.355.2164.0, AS: 1.355.2164.0, NIS: 1.355.2164.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-19 02:35:17
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0
Nombre: VirTool:Win32/DefenderTamperingRestore
Id.: 2147741622
Gravedad: Grave
Categoría: Herramienta
Ruta de acceso: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.355.2069.0, AS: 1.355.2069.0, NIS: 1.355.2069.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-19 02:33:39
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PWS:MSIL/RedLine.GG!MTB&threatid=2147772078&enterprise=0
Nombre: PWS:MSIL/RedLine.GG!MTB
Id.: 2147772078
Gravedad: Grave
Categoría: Programa de interceptación de contraseñas
Ruta de acceso: amsi:_\Device\HarddiskVolume3\Users\CESAR AUGUSTO\AppData\Roaming\Green\neofim.exe; amsi:_\Device\HarddiskVolume3\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Pictures\Adobe Films\FLXvVmEjL_4mggFAv_Jy745C.exe; amsi:_\Device\HarddiskVolume3\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Pictures\Adobe Films\HoDiy8FDmrDQuXRxWAZjXGch.exe; amsi:_\Device\HarddiskVolume3\Users\CESARA~1\AppData\Local\Temp\a8df190b-3458-49f7-935b-f16c02a175c8.exe; amsi:_\Device\HarddiskVolume3\Users\CESARA~1\AppData\Local\Temp\cb2faade-4a49-40a6-96b3-77a1ee7a32ab.exe
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: AMSI
Usuario: LAPTOP-PKMCITN5\CESAR AUGUSTO
Nombre de proceso: C:\Users\CESAR AUGUSTO\AppData\Roaming\Green\neofim.exe
Versión de inteligencia de seguridad: AV: 1.355.2069.0, AS: 1.355.2069.0, NIS: 1.355.2069.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-19 02:33:15
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Ransom:Win32/StopCrypt.PAH!MTB&threatid=2147810520&enterprise=0
Nombre: Ransom:Win32/StopCrypt.PAH!MTB
Id.: 2147810520
Gravedad: Grave
Categoría: Ransomware
Ruta de acceso: file:_C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\Windows\INetCache\IE\L84HDXGG\empty[1]
Origen de detección: Internet
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: LAPTOP-PKMCITN5\CESAR AUGUSTO
Nombre de proceso: C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Pictures\Adobe Films\SWeSKmQ_w49capVQ3Sb8x7_o.exe
Versión de inteligencia de seguridad: AV: 1.355.2069.0, AS: 1.355.2069.0, NIS: 1.355.2069.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4
Event[0]:

Date: 2022-01-07 18:52:59
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.355.1471.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18800.4
Código de error: 0x80080005
Descripción del error: Error en la ejecución de servidor 

Date: 2022-01-04 23:09:47
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.355.1369.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18800.4
Código de error: 0x80070102
Descripción del error: Tiempo de espera de la operación de espera agotado. 

Date: 2022-01-04 11:19:47
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.355.1369.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18800.4
Código de error: 0x80080005
Descripción del error: Error en la ejecución de servidor 

Date: 2022-01-03 13:03:41
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.355.1258.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18800.4
Código de error: 0x80080005
Descripción del error: Error en la ejecución de servidor 

Date: 2021-12-30 16:53:04
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.355.1066.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18800.4
Código de error: 0x80080005
Descripción del error: Error en la ejecución de servidor 

CodeIntegrity:
===============
Date: 2022-01-27 14:26:24
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Parte 3:


==================== Información de la memoria =========================== 

BIOS: Insyde Corp. V1.31 06/29/2020
Placa base: CFL Octavia_CFS
Procesador: Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz
Porcentaje de memoria en uso: 71%
RAM física total: 12125.05 MB
RAM física disponible: 3513.91 MB
Virtual total: 19805.05 MB
Virtual disponible: 7076.8 MB

==================== Unidades ================================

Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:96.39 GB) NTFS

\\?\Volume{4a791c73-f3b6-4c16-861b-47c3320bead1}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.56 GB) NTFS
\\?\Volume{0f6c2593-bc0f-4274-8578-6f9d514bec97}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: DCAE3482)

Partition: GPT.

==================== Final de Addition.txt =======================

Hola nuevamente,

Hay bastantes cosas de las que ocuparse en tu equipo :thinking: Si te parece vamos por partes para no saturarte de pasos.

Realiza lo siguiente:

:one: Veo rastros de Norton, por lo que te recomiendo descargar y ejecutar su herramienta de desinstalación:

:two: Descarga y ejecuta Argente registry cleaner: de cualquiera de los siguientes links:

Argente Registry Cleaner - Versión completa

Argente Registry Cleaner - Versión portable

Si al ejecutar te pregunta sobre activar el mantenimiento automático dile que NO. Después has que busque y repare todos los errores que encuentre.

:three: Crea una copia de seguridad del registro con Registry Backup, no importa si es la versión portable o instalable:

Tweaking Registry Backup

  • Después de instalar o descomprimir ejecuta el programa (de ser portable es el ejecutable TweakingRegistryBackup.exe).
  • Asegurate que en la pestaña Registry Backup este todo marcado.
  • En Backup Name puedes dejarlo por defecto o asignar algún nombre
  • Presiona el botón BackUp now

:four: Deshabilita nuevamente tu antivirus: ¿Cómo deshabilitar temporalmente su Antivirus?

:five: En el equipo, con los demás programas cerrados abra el notepad; puede abrirlo en la barra de búsqueda de windows y escribiendo notepad.exe

Posteriormente, copie y pegue este script de reparación dentro del Notepad comenzando en Start y terminando en End:

Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [haleng] => C:\Users\CESARA~1\AppData\Local\Temp\haleng.ex (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\haleng.ex
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [utweb] => "C:\Users\CESAR AUGUSTO\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [asdsdagsda.exe] => C:\Users\CESARA~1\AppData\Local\Temp\1000025001\asdsdagsda.exe (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\1000025001
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\MountPoints2: D - "D:\setup.exe" 
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {05294B83-83D8-474D-92AF-D296176CD509} - System32\Tasks\Opera scheduled Autoupdate 1624391072 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {23B0E12B-9B0D-41D9-AF13-004D09D3E0C9} - System32\Tasks\Firefox Default Browser Agent D2BCC463C39A6988 => C:\Users\CESAR AUGUSTO\AppData\Roaming\acbtsbr.exe (Ningún archivo) <==== ATENCIÓN
Task: {51DD04E2-D717-456B-89AF-4556617CFE34} - System32\Tasks\NortonLifeLock Trial Agent V2 => C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NLOKTrialAgentV2.exe /scheduled (Ningún archivo)
C:\ProgramData\Norton
Task: {8EDC8909-A79B-4A8D-8F68-B84B873EF486} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Ningún archivo)
Task: {CA2B69F0-4B5A-4707-9E03-3C1517A9EA62} - System32\Tasks\Opera scheduled Autoupdate 1624259783 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {FD430763-287C-4A6C-8B3A-EE37967C8D54} - System32\Tasks\mjlooy.exe => C:\Users\CESARA~1\AppData\Local\Temp\b4af406cd1\mjlooy.exe (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\b4af406cd1
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\CESAR AUGUSTO\AppData\Roaming\IDM\idmmzcc5 => no encontrado
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S2 FlexNet Licensing Service; "C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe" [X]
S3 GoogleChromeElevationService; "C:\Program Files\Google\Chrome\Application\97.0.4692.71\elevation_service.exe" [X]
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
2022-01-19 02:34 - 2022-01-22 00:30 - 000002604 _____ C:\WINDOWS\system32\Tasks\mjlooy.exe
2022-01-19 02:34 - 2022-01-20 19:10 - 000000000 ____D C:\Program Files (x86)\ooPWmVcYoOUn
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\uRMdWzxOLxDU2
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\uakOxkYKU
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\LRejWUicAsHpC
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\DnQSPaWaTKoSTCBOKjR
2022-01-19 02:33 - 2022-01-26 14:53 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\fB9oV
2022-01-19 02:33 - 2022-01-19 02:33 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\mC6fU
2022-01-19 02:32 - 2022-01-26 14:53 - 000000000 ____D C:\Program Files\Common Files\RJXHDPBSQE
2022-01-19 02:32 - 2022-01-19 02:32 - 000000000 ____D C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF
2022-01-26 14:53 - 2021-06-21 12:21 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\nW6mI-7yS1k
2022-01-26 14:53 - 2021-06-21 11:18 - 000000000 ____D C:\ProgramData\60
2022-01-26 14:53 - 2021-06-21 11:17 - 000000000 ____D C:\ProgramData\66
2022-01-19 02:32 - 2021-06-21 11:18 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Yandex
2021-06-21 12:31 - 2021-06-21 12:31 - 000000043 _____ () C:\Users\CESAR AUGUSTO\AppData\Roaming\3ffa.3ffa
C:\PROGRAMDATA\60JJKERYYBO5BTQJMQK5NXCBT
C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF
C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M
C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8
C:\PROGRAMDATA\vRjWVZiFJDjxVXVB
AV: Norton Security Ultra (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security Ultra (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
FW: Norton Security Ultra (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security Ultra (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
AlternateDataStreams: C:\Users\CESAR AUGUSTO\Datos de programa:eb92b835a834003ac00ee2632de0e925 [394]
AlternateDataStreams: C:\Users\CESAR AUGUSTO\AppData\Roaming:eb92b835a834003ac00ee2632de0e925 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9270]
SearchScopes: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001 -> DefaultScope {828C1182-676C-438B-886C-A282A60B46E7} URL = 
SearchScopes: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001 -> {828C1182-676C-438B-886C-A282A60B46E7} URL = 

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers 
EmptyTemp:
End
  • Vaya a Archivo y selecciona Guardar Como.
  • En la parte de Codificación elija Unicode o UTF8 según le de la opción.
  • Guárdelo bajo el nombre de fixlist.txt en el escritorio al igual que FRST. Esto es muy importante.

¡:warning:ATENCIÓN! El anterior Script de reparación fue hecho específicamente por un miembro del Staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

  • Ejecute Frst.exe. y presione el botón Fix / Corregir
  • Espere pacientemente a que termine y no use el equipo. Al terminar el equipo podría reiniciarse
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).

Nos traerías el reporte Fixlog.txt con comentarios de como sigue todo. Ya de ahí pasaríamos a la parte dos de las reparaciones.

Saludos

2 Me gusta

Listo amigo, ya hice todo lo que me dijo y este es el reporte de Fixlog.txt :

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 26-01-2022
Ejecutado por CESAR AUGUSTO (27-01-2022 23:26:57) Run:1
Ejecutado desde C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop
Perfiles cargados: CESAR AUGUSTO
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [haleng] => C:\Users\CESARA~1\AppData\Local\Temp\haleng.ex (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\haleng.ex
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [utweb] => "C:\Users\CESAR AUGUSTO\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Ningún archivo)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [asdsdagsda.exe] => C:\Users\CESARA~1\AppData\Local\Temp\1000025001\asdsdagsda.exe (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\1000025001
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\MountPoints2: D - "D:\setup.exe" 
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {05294B83-83D8-474D-92AF-D296176CD509} - System32\Tasks\Opera scheduled Autoupdate 1624391072 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {23B0E12B-9B0D-41D9-AF13-004D09D3E0C9} - System32\Tasks\Firefox Default Browser Agent D2BCC463C39A6988 => C:\Users\CESAR AUGUSTO\AppData\Roaming\acbtsbr.exe (Ningún archivo) <==== ATENCIÓN
Task: {51DD04E2-D717-456B-89AF-4556617CFE34} - System32\Tasks\NortonLifeLock Trial Agent V2 => C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NLOKTrialAgentV2.exe /scheduled (Ningún archivo)
C:\ProgramData\Norton
Task: {8EDC8909-A79B-4A8D-8F68-B84B873EF486} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Ningún archivo)
Task: {CA2B69F0-4B5A-4707-9E03-3C1517A9EA62} - System32\Tasks\Opera scheduled Autoupdate 1624259783 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {FD430763-287C-4A6C-8B3A-EE37967C8D54} - System32\Tasks\mjlooy.exe => C:\Users\CESARA~1\AppData\Local\Temp\b4af406cd1\mjlooy.exe (Ningún archivo) <==== ATENCIÓN
C:\Users\CESARA~1\AppData\Local\Temp\b4af406cd1
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\CESAR AUGUSTO\AppData\Roaming\IDM\idmmzcc5 => no encontrado
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S2 FlexNet Licensing Service; "C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe" [X]
S3 GoogleChromeElevationService; "C:\Program Files\Google\Chrome\Application\97.0.4692.71\elevation_service.exe" [X]
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
2022-01-19 02:34 - 2022-01-22 00:30 - 000002604 _____ C:\WINDOWS\system32\Tasks\mjlooy.exe
2022-01-19 02:34 - 2022-01-20 19:10 - 000000000 ____D C:\Program Files (x86)\ooPWmVcYoOUn
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\uRMdWzxOLxDU2
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\uakOxkYKU
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\LRejWUicAsHpC
2022-01-19 02:34 - 2022-01-19 08:48 - 000000000 ____D C:\Program Files (x86)\DnQSPaWaTKoSTCBOKjR
2022-01-19 02:33 - 2022-01-26 14:53 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\fB9oV
2022-01-19 02:33 - 2022-01-19 02:33 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\mC6fU
2022-01-19 02:32 - 2022-01-26 14:53 - 000000000 ____D C:\Program Files\Common Files\RJXHDPBSQE
2022-01-19 02:32 - 2022-01-19 02:32 - 000000000 ____D C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF
2022-01-26 14:53 - 2021-06-21 12:21 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\nW6mI-7yS1k
2022-01-26 14:53 - 2021-06-21 11:18 - 000000000 ____D C:\ProgramData\60
2022-01-26 14:53 - 2021-06-21 11:17 - 000000000 ____D C:\ProgramData\66
2022-01-19 02:32 - 2021-06-21 11:18 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Yandex
2021-06-21 12:31 - 2021-06-21 12:31 - 000000043 _____ () C:\Users\CESAR AUGUSTO\AppData\Roaming\3ffa.3ffa
C:\PROGRAMDATA\60JJKERYYBO5BTQJMQK5NXCBT
C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF
C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M
C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8
C:\PROGRAMDATA\vRjWVZiFJDjxVXVB
AV: Norton Security Ultra (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security Ultra (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
FW: Norton Security Ultra (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security Ultra (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
AlternateDataStreams: C:\Users\CESAR AUGUSTO\Datos de programa:eb92b835a834003ac00ee2632de0e925 [394]
AlternateDataStreams: C:\Users\CESAR AUGUSTO\AppData\Roaming:eb92b835a834003ac00ee2632de0e925 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9270]
SearchScopes: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001 -> DefaultScope {828C1182-676C-438B-886C-A282A60B46E7} URL = 
SearchScopes: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001 -> {828C1182-676C-438B-886C-A282A60B46E7} URL = 

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers 
EmptyTemp:
End
*****************

SystemRestore: On => completado
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\haleng" => no encontrado
"C:\Users\CESARA~1\AppData\Local\Temp\haleng.ex" => no encontrado
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Synchronizer" => no encontrado
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Microsoft\Windows\CurrentVersion\Run\\utweb" => no encontrado
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Microsoft\Windows\CurrentVersion\Run\\asdsdagsda.exe" => no encontrado
"C:\Users\CESARA~1\AppData\Local\Temp\1000025001" => no encontrado
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => eliminado correctamente
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D => eliminado correctamente
C:\ProgramData\NTUSER.pol => movido correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05294B83-83D8-474D-92AF-D296176CD509}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05294B83-83D8-474D-92AF-D296176CD509}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1624391072 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1624391072" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23B0E12B-9B0D-41D9-AF13-004D09D3E0C9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23B0E12B-9B0D-41D9-AF13-004D09D3E0C9}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Firefox Default Browser Agent D2BCC463C39A6988 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Firefox Default Browser Agent D2BCC463C39A6988" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51DD04E2-D717-456B-89AF-4556617CFE34}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51DD04E2-D717-456B-89AF-4556617CFE34}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\NortonLifeLock Trial Agent V2 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NortonLifeLock Trial Agent V2" => eliminado correctamente
C:\ProgramData\Norton => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EDC8909-A79B-4A8D-8F68-B84B873EF486}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EDC8909-A79B-4A8D-8F68-B84B873EF486}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CA2B69F0-4B5A-4707-9E03-3C1517A9EA62}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA2B69F0-4B5A-4707-9E03-3C1517A9EA62}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1624259783 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1624259783" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD430763-287C-4A6C-8B3A-EE37967C8D54}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD430763-287C-4A6C-8B3A-EE37967C8D54}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\mjlooy.exe => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mjlooy.exe" => eliminado correctamente
"C:\Users\CESARA~1\AppData\Local\Temp\b4af406cd1" => no encontrado
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => eliminado correctamente
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Mozilla\SeaMonkey\Extensions\\[email protected]" => eliminado correctamente
HKLM\System\CurrentControlSet\Services\wuauserv => eliminado correctamente
wuauserv => servicio eliminado correctamente
wuauserv => servicio no encontrado.
FlexNet Licensing Service => servicio no encontrado.
GoogleChromeElevationService => servicio no encontrado.
Rockstar Service => servicio no encontrado.
"C:\WINDOWS\system32\Tasks\mjlooy.exe" => no encontrado
C:\Program Files (x86)\ooPWmVcYoOUn => movido correctamente
C:\Program Files (x86)\uRMdWzxOLxDU2 => movido correctamente
C:\Program Files (x86)\uakOxkYKU => movido correctamente
C:\Program Files (x86)\LRejWUicAsHpC => movido correctamente
C:\Program Files (x86)\DnQSPaWaTKoSTCBOKjR => movido correctamente
C:\Users\CESAR AUGUSTO\AppData\LocalLow\fB9oV => movido correctamente
C:\Users\CESAR AUGUSTO\AppData\LocalLow\mC6fU => movido correctamente
C:\Program Files\Common Files\RJXHDPBSQE => movido correctamente
C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF => movido correctamente
C:\Users\CESAR AUGUSTO\AppData\LocalLow\nW6mI-7yS1k => movido correctamente
C:\ProgramData\60 => movido correctamente
C:\ProgramData\66 => movido correctamente
C:\Users\CESAR AUGUSTO\AppData\Local\Yandex => movido correctamente
C:\Users\CESAR AUGUSTO\AppData\Roaming\3ffa.3ffa => movido correctamente
C:\PROGRAMDATA\60JJKERYYBO5BTQJMQK5NXCBT => movido correctamente
"C:\ProgramData\7YE8AN0UE5TZ673Y8HJVUF0KF" => no encontrado
C:\ProgramData\9IMRLLTFAKFIPBHYSODZRSF6M => movido correctamente
C:\ProgramData\LY96I7QIGURIWEWWNQH2788N8 => movido correctamente
"C:\PROGRAMDATA\vRjWVZiFJDjxVXVB" => no encontrado
"AV: Norton Security Ultra (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}" => eliminado correctamente
"AV: Norton Security Ultra (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}" => eliminado correctamente
"FW: Norton Security Ultra (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}" => eliminado correctamente
"FW: Norton Security Ultra (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}" => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => no encontrado
C:\Users\CESAR AUGUSTO\Datos de programa => ":eb92b835a834003ac00ee2632de0e925" ADS eliminado correctamente
"C:\Users\CESAR AUGUSTO\AppData\Roaming" => ":eb92b835a834003ac00ee2632de0e925" ADS no encontrado.
C:\Users\Public\Shared Files => ":VersionCache" ADS eliminado correctamente
"HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{828C1182-676C-438B-886C-A282A60B46E7} => eliminado correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 3 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 4 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.

Adaptador de Ethernet Radmin VPN:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : fdfd::1a48:c78a
   V¡nculo: direcci¢n IPv6 local. . . : fe80::941a:51a4:7d4b:fab6%14
   Direcci¢n IPv4. . . . . . . . . . . . . . : 26.72.199.138
   M scara de subred . . . . . . . . . . . . : 255.0.0.0
   Puerta de enlace predeterminada . . . . . : 26.0.0.1

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 4:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.34
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de Ethernet Conexi¢n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2001:0:34e2:8f5c:cba:1b65:45ad:fdc3
   V¡nculo: direcci¢n IPv6 local. . . : fe80::cba:1b65:45ad:fdc3%13
   Puerta de enlace predeterminada . . . . . : 

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{07A7B829-101C-4C66-A1DC-AA55AC9C6225} canceled.
1 out of 1 jobs canceled.

========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26441040 B
Java, Flash, Steam htmlcache => 527325819 B
Windows/system/drivers => 4307498 B
Edge => 1008487 B
Chrome => 1205741071 B
Firefox => 22176233 B
Opera => 14611121 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 183318 B
NetworkService => 45664250 B
CESAR AUGUSTO => 229842702 B

RecycleBin => 1059 B
EmptyTemp: => 1.9 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 23:28:18 ====

El aviso de avast me sigue apareciendo, y bueno, ya que me estan ayudando, hay otro problema que tambien vino desde que descargué el virus, el cual es que hay aplicaciones que no se inician automáticamente cuando antes si lo hacían, he mirado más al respecto y me di cuenta que en el apartado de administrador de tareas en la parte de inicio, que es donde uno podia ver las aplicaciones, no me aparece ninguna, me sale en blanco, no sé si sepan algo sobre eso.

Saludos.

Hola nuevamente,

¿El aviso te lo da el antivirus en una página en específico o en cualquiera?

Realiza lo siguiente (si necesitas imprime, saca captura o revisa las siguientes instrucciones desde tu móvil):

:one: Descarga DrWeb Cureit:

Dr.Web CureIt! | InfoSpyware >> Manual de Uso

Ejecuta Drweb según su manual considerando lo siguiente::

  • Ejecuta un análisis personalizado con los parámetros que indica el manual
  • Asegurate de poner el reporte en mínimo como indica el manual
  • Curas, Mueves y Eliminas, lo que encuentre según te de la opción y con ese orden de preferencia.
  • Si te detecta el archivo Hosts puedes permitir que DrWeb lo restaure.
  • Al terminar, revisa el manual en la sección Informe de análisis obtener la parte del reporte que nos interesa.

:two: Descarga y descomprime Windows Repair Portable en cualquier lugar de fácil acceso.

Tweaking.com - Windows Repair Portable

  1. Ve a la carpeta del programa y abre Repair_Windows. Espera a que inicie y compruebe que el programa esta integro.
  2. Una vez abierto ve a la pestaña que dice Step 4: (Optional)
  3. Presiona el botón Check. Se abrirá una ventana negra que comenzara un escaneo, espera a que termine.
  4. Al terminar te indicará si encontró algún problema o no. Podrás cerrar la ventana presionando enter.Si alguno te pide reiniciar procedes.
    • En caso de que encuentre errores ve a la barra de búsqueda y escribe cmd y elige la primera aplicación que aparezca. Se abrirá una ventana negra. Copia y pega el siguiente código:
findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop\sfcdetails.txt"

Esto generará un reporte en tu escritorio llamado sfcdetails. Por favor trae su contenido o adjúntalo en un mensaje.

:three: Inicia en modo seguro: Iniciar el PC en modo seguro

:four: Abre la carpeta de Windows Repair e inicia Repair_Windows. Espera a que inicie y ve a la pestaña Repairs-Main y selecciona la opción Open Repairs.

Se abrirá la ventana de reparaciones. En esta, dirígete al listado de la parte izquierda y marca las siguientes casillas:

  • 01 - Reset Registry Permissions
  • 02 - Reset File Permissions
  • 03 - Reset Service Permissions
  • 04 - Register SystemFiles
  • 05 - Repair WMI
  • 06 - Repair Windows Firewall
  • 10 - Remove Policies set by Infections
  • 13 - Repair Network
  • 14 - Remove Temp Files
  • 16 - Repair Windows Update
  • 18 - Repair Volume Shadow Copy Service
  • 20 - Repair MSI (Windows Installer)
  • 23 - Repair Windows Safe Mode
  • 25 - Restore Important Windows Services
  • 26 - Set Windows Services to default Startup
  • 29 - Repair Windows COM+ Unmarshalers
  • 31 - Restore UAC (User Account Control) Settings
  • 32 - Repair Performance Counters

Ya con esto seleccionado das en Start Repairs. Espera pacientemente a que termine. Una vez que lo haga reinicia en modo normal.

Nos traerías:

  • La parte final del reporte de Dr Web
  • De haber encontrado problemas nos traerías el archivo sfcdetails del paso :two:
  • Respuesta a mi duda y comentarios de como sigue el equipo.

Saludos

Hola nuevamente,

El reporte de Dr web:


Total 419532447836 bytes in 1684650 files scanned (3313982 objects)
Total 1684595 files (3313682 objects) are clean
Total 19 files are infected
Total 280 files are raised error condition
Scan time is 01:36:15.775

-----------------------------------------------------------------------------
Start curing
-----------------------------------------------------------------------------

No hubo problemas en el paso 2, y con respecto a tu duda, es cuando entro en cualquier página, sin importar de que sea: El equipo en general no he sentido cambios, sigue apareciéndome la alerta y lo que te comenté de las aplicaciones siguen sin iniciar automáticamente y me aparece en blanco lo de inicio igual

1 me gusta

Hola nuevamente,

El programa dice que detecto infecciones. ¿Las has eliminado? Revisa esa parte del reporte para revisar si vienen listados antes o después. Me interesaría saber que detecto. Si no puedes o no viene esa parte confirma si pudiste eliminarlos

También revisa en Windows update si hay alguna actualización disponible: Actualizar Windows - Soporte técnico de Microsoft

Recomiendo instalar cualquier cosa pendiente aunque lo principal es comprobar si puedes comprobar y que este funcionando.

De forma adicional, repite el escaneo con FRST de esta respuesta → Avast me muestra un cuadro de "amenaza resuelta" HTML:Script-inf¨(Susp) cada vez que ingreso al navegador - nº 9 por ErdrickBass

Nos traerías nuevos reportes. Al ser bastante grandes puedes adjuntarlos:

Un saludo

Hola, la verdad no sé como ver los archivos, lo que si es seguro es que los eliminé cuando hice la limpieza. Había unas cuantas actualizaciones y reparaciones de windows, ya las apliqué y los reportes nuevos son estos:

  1. Frst.txt :
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 26-01-2022
Ejecutado por CESAR AUGUSTO (administrador) sobre LAPTOP-PKMCITN5 (Acer Nitro AN515-54) (28-01-2022 20:03:50)
Ejecutado desde C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop
Perfiles cargados: CESAR AUGUSTO
Plataforma: Microsoft Windows 10 Home Versión 20H2 19042.1466 (X64) Idioma: Español (México)
Navegador predeterminado: Edge
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Discord Inc. -> Discord Inc.) C:\Users\CESAR AUGUSTO\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe
(GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba355e1f8cdccc52\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba355e1f8cdccc52\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a84f31b20764b965\OneApp.IGCC.WinService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a6f2bd19df3d42e0\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a6f2bd19df3d42e0\IntelCpHeciSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_a9a8972288e9f3b5\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\OneDrive\22.002.0103.0004\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\82.0.4227.50\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\opera.exe <28>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Skutta, Kristjan -> ) C:\Program Files (x86)\wallpaper_engine\bin\wallpaperservice32_c.exe
(Skutta, Kristjan -> ) C:\Program Files (x86)\wallpaper_engine\wallpaper32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSysSvc64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1093872 2020-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe [1464728 2019-01-31] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [221992 2020-12-09] (Autodesk, Inc. -> Autodesk)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2020-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-10] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2109824 2021-12-20] (Famatech Corp. -> Famatech Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [Discord] => C:\Users\CESAR AUGUSTO\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Run: [MicrosoftEdgeAutoLaunch_B6F392562D1EC895C9A9054596D11568] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Print\Monitors\EPSON L575 Series 64MonitorBE: C:\Windows\system32\E_YLMBMTE.DLL [180224 2014-03-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-26] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0A241CEB-410F-47D2-9B9D-A244AED8993D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0DAA99BE-B328-4A05-AD87-74D0FFB106A0} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615899705 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {1349AF54-8542-482E-8DF6-1468CE1A9F7A} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211136 2019-01-09] (Acer Incorporated -> Acer Incorporated)
Task: {13F8992E-0787-421E-8F51-A5963FB3F490} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-23] (Google LLC -> Google LLC)
Task: {198EC9DC-1712-4207-A390-C83D67CED7C5} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
Task: {1DCA5B2B-01DA-43E7-8C97-5981269B93EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F77793D-AA50-4F10-B9A8-A914B7ACC60F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {22109985-6699-4588-A002-69CC77337C26} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {22556C22-BD91-4776-89D2-388D85253577} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-23] (Google LLC -> Google LLC)
Task: {249BF8D8-C803-4EBE-B814-D83184833351} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268096 2019-01-09] (Acer Incorporated -> Acer Incorporated)
Task: {25752A4F-8265-49BA-AB7A-A0B95B3921F7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {26765FE8-1C67-4D8E-A4F9-1D0C9A8AA4CB} - System32\Tasks\Opera GX scheduled Autoupdate 1608758439 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software)
Task: {26BDF35B-FFAF-4F10-950E-E05C6C46744F} - System32\Tasks\Opera scheduled assistant Autoupdate 1624259789 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {2848D67B-B468-42C9-8F9A-2764624705E5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {3995513C-F385-4C33-B6A1-767D11F62D71} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {3C86CD53-AE7E-45AC-9569-31E277B3A2B5} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {45635272-3F1F-4306-9ABF-BF1E5305B323} - System32\Tasks\GoTrust ID Driver => C:\Program Files\GoTrust ID Plugin\Resource\GO-Trust_ID_Driver.exe [63488 2019-08-02] (GoTrustID Inc. -> )
Task: {4C8B1A94-7BD1-42C8-AEC5-F56EB8D944F9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4FC6407D-F6EC-4C72-8D37-F60EDB6F2AB5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5668B6C4-BD04-44A3-9E78-D99339F18A84} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5F649278-A052-42CE-A2C6-96BE4C73E512} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {5F8B70F6-3B6E-465B-888E-63FD75193946} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2962984 2020-07-27] (Acer Incorporated -> )
Task: {5FA511A7-2184-42B8-94C7-7A72677FE001} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7148287A-5EAE-418F-9830-1596AEB4A588} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7615CD46-3B45-44EA-A2C4-0138C6CFE988} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2019-07-18] (Acer Incorporated -> Acer Incorporated)
Task: {764BEBE5-FEEF-4E79-878B-738996D37990} - System32\Tasks\Opera scheduled assistant Autoupdate 1624391081 => C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {8D21E0E2-D11C-4E6F-86D7-BE5D98E2A98E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {97FC14C4-98D0-4D97-844C-0AF0D670AE5C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2022-01-19] (Avast Software s.r.o. -> Avast Software)
Task: {9A383A7F-8E4D-4115-9ADC-5084E1D5ABCF} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [42024 2020-07-27] (Acer Incorporated -> )
Task: {9D416725-2AC0-435F-9603-28FF7671286C} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [601904 2019-07-19] (Acer Incorporated -> Acer Incorporated)
Task: {9DDA5E13-467B-4B04-8B3C-F125E2A7559B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F9ED5F0-31B2-491E-882E-9AA16815C330} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4829224 2020-07-27] (Acer Incorporated -> )
Task: {A005E184-334C-4814-9B1D-C84DE454E937} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {BAC2E6E7-89A9-4640-A8D5-C51499FA08D2} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {C01A2ECD-FB7B-4C94-AAF3-06B4EE97383A} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {D6796CB2-1B5B-484D-B09D-BF244EB3152A} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4191328 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC0A48B6-18A0-40EA-B870-11007E5437C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2C2598A-3DF4-4736-B357-A1F80347D000} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {E2F96AEF-C57E-4968-BBE5-7B737E3D0B2E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E574E134-AE74-4BC7-A397-11AD60F14E7D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FF4878B0-2DB8-47F7-B52A-1C4427715D33} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => Ningún archivo 
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => Ningún archivo 
Tcpip\Parameters: [DhcpNameServer] 190.157.8.100 190.157.8.101
Tcpip\..\Interfaces\{e0d22745-d32f-4482-84fc-3856f54941cb}: [DhcpNameServer] 190.157.8.100 190.157.8.101

Edge: 
=======
Edge Profile: C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-28]
Edge Extension: (T-Сashback — кэшбэк-сервис) - C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odbmjgikedenicicookngdckhkjbebpd [2022-01-28]
Edge HKLM-x32\...\Edge\Extension: [odbmjgikedenicicookngdckhkjbebpd]

FireFox:
========
FF DefaultProfile: lc7ad3c0.default
FF ProfilePath: C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\lc7ad3c0.default [2022-01-27]
FF ProfilePath: C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\m2lglfcg.default-release [2022-01-27]
FF Extension: (Español (España) Language Pack) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Mozilla\Firefox\Profiles\m2lglfcg.default-release\Extensions\[email protected] [2020-11-30]
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-27]
CHR HomePage: System Profile -> hxxps://www.google.com/
CHR StartupUrls: System Profile -> "hxxps://www.google.com/"
CHR Extension: (YoutubeDownloader) - C:\Users\CESAR AUGUSTO\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-01-19] [UpdateUrl:hxxps://clients75.google.com/service/update2/crx] <==== ATENCIÓN
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

Opera: 
=======
OPR Profile: C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable [2022-01-27]
OPR DefaultSearchKeyword: Opera Stable -> find-it.pro
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-21]
OPR Extension: (YoutubeDownloader) - C:\Users\CESAR AUGUSTO\AppData\Roaming\Opera Software\Opera Stable\Extensions\pdfbhfjldacbdamjhomkgomeialekbng [2022-01-19]
StartMenuInternet: (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001) Opera GXStable - "C:\Users\CESAR AUGUSTO\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300584 2020-07-27] (Acer Incorporated -> Acer Incorporated)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-10] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2020-11-17] (Autodesk, Inc. -> Autodesk)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1720088 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2021-02-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2022-01-17] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-12] (Epic Games Inc. -> Epic Games, Inc.)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [17301280 2022-01-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [17408 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [246272 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [820016 2019-07-19] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-09-10] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated -> Acer Incorporated)
R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1058688 2021-12-20] (Famatech Corp. -> Famatech Corp.)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [528160 2022-01-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14676264 2021-06-11] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2019-01-10] (Acer Incorporated -> Acer Incorporated)
R2 Wallpaper Engine Service; C:\Program Files (x86)\wallpaper_engine\bin\wallpaperservice32_c.exe [127648 2021-06-18] (Skutta, Kristjan -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2022-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-01-19] (Avast Software s.r.o. -> AVAST Software)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2021-03-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2021-03-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [76744 2022-01-28] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-03] (Realtek Semiconductor Corp. -> Realtek)
R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2021-04-30] (Famatech Corp. -> Famatech Corp.)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [232792 2021-09-05] (Valve Corp. -> Valve Corporation)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-01-28 19:51 - 2022-01-28 19:51 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-01-28 18:57 - 2022-01-28 18:57 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2022-01-28 18:57 - 2022-01-28 18:57 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-28 18:57 - 2022-01-28 18:57 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-28 18:57 - 2022-01-28 18:57 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-28 18:56 - 2022-01-28 18:56 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2022-01-28 18:56 - 2022-01-28 18:56 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-01-28 18:56 - 2022-01-28 18:56 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-01-28 18:56 - 2022-01-28 18:56 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-01-28 18:56 - 2022-01-28 18:56 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-01-28 18:56 - 2022-01-28 18:56 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-01-28 18:56 - 2022-01-28 18:56 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-01-28 18:49 - 2022-01-28 18:49 - 000000000 ___HD C:\$WinREAgent
2022-01-28 18:38 - 2022-01-28 18:38 - 000001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-01-28 18:38 - 2022-01-28 18:38 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-01-28 14:44 - 2022-01-28 14:44 - 007333288 _____ (Tweaking.com) C:\Users\CESAR AUGUSTO\Downloads\tweaking.com_registry_backup_setup.exe
2022-01-28 14:44 - 2022-01-28 14:44 - 000019887 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2022-01-28 14:44 - 2022-01-28 14:44 - 000002316 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2022-01-28 14:44 - 2022-01-28 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2022-01-28 14:44 - 2022-01-28 14:44 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2022-01-28 11:16 - 2022-01-28 11:16 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-LAPTOP-PKMCITN5-Windows-10-Home-(64-bit).dat
2022-01-28 11:16 - 2022-01-28 11:16 - 000000000 ____D C:\RegBackup
2022-01-28 11:15 - 2022-01-28 11:15 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-01-28 11:09 - 2022-01-28 11:10 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\Tweaking.com - Windows Repair
2022-01-28 03:20 - 2022-01-28 03:20 - 021882800 _____ (Intel Corporation) C:\Users\CESAR AUGUSTO\Downloads\setuprst.exe
2022-01-28 02:20 - 2022-01-28 10:23 - 000000000 ____D C:\Users\CESAR AUGUSTO\Doctor Web
2022-01-28 02:19 - 2022-01-28 02:19 - 265026960 ____N C:\Users\CESAR AUGUSTO\Downloads\gw4oto4a.exe
2022-01-27 23:29 - 2022-01-28 19:53 - 000076744 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2022-01-27 21:49 - 2022-01-27 21:49 - 000000112 ___SH C:\bootTel.dat
2022-01-27 15:38 - 2022-01-27 23:20 - 000000000 ____D C:\Program Files\Argente - Registry Cleaner
2022-01-27 15:38 - 2022-01-27 21:54 - 000000988 _____ C:\Users\Public\Desktop\Argente - Registry Cleaner.lnk
2022-01-27 15:38 - 2022-01-27 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Argente - Registry Cleaner
2022-01-27 15:14 - 2022-01-27 15:14 - 000023689 _____ C:\Users\CESAR AUGUSTO\Downloads\Calculos laboratorio péndulo.xlsx
2022-01-26 14:35 - 2022-01-26 14:35 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\mbam
2022-01-26 14:20 - 2022-01-26 14:25 - 000000000 ____D C:\AdwCleaner
2022-01-24 21:27 - 2022-01-28 19:53 - 023855104 _____ C:\WINDOWS\system32\config\SYSTEM
2022-01-24 17:51 - 2022-01-28 20:04 - 000000000 ____D C:\FRST
2022-01-20 21:10 - 2022-01-20 21:10 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Straight Back Games
2022-01-20 20:09 - 2022-01-27 13:04 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\sh5ldr
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2022-01-20 20:09 - 2022-01-20 20:09 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2022-01-20 20:08 - 2022-01-20 20:08 - 000000000 ____D C:\Program Files\EnigmaSoft
2022-01-20 01:55 - 2022-01-20 01:55 - 000000000 ___HD C:\$SysReset
2022-01-20 00:12 - 2022-01-20 00:36 - 000000000 ____D C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Documents\Descargas
2022-01-20 00:09 - 2022-01-20 00:11 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\Descargas
2022-01-19 23:39 - 2022-01-19 23:39 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Intel
2022-01-19 23:25 - 2022-01-28 03:26 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2022-01-19 23:25 - 2022-01-19 23:25 - 000000000 ____D C:\Program Files\Common Files\Intel
2022-01-19 23:23 - 2022-01-19 23:23 - 000000000 ____D C:\Users\CESAR AUGUSTO\Intel
2022-01-19 23:14 - 2022-01-22 00:30 - 000003030 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2022-01-19 23:14 - 2022-01-22 00:30 - 000002738 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2022-01-19 23:14 - 2022-01-22 00:30 - 000002664 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2022-01-19 23:14 - 2021-07-23 11:36 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2022-01-19 23:01 - 2022-01-19 23:01 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Skype
2022-01-19 23:00 - 2020-10-05 14:16 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\IRST_Intel_17.5.2.1024_W10x64
2022-01-19 22:42 - 2022-01-19 22:42 - 000000100 _____ C:\Users\CESAR AUGUSTO\Downloads\Epic Games Account Two-Factor backup codes.txt
2022-01-19 14:46 - 2022-01-19 14:46 - 000637152 _____ C:\Users\CESAR AUGUSTO\Downloads\2190211_CamScanner 11-05-2020 11.26.21.pdf
2022-01-19 14:14 - 2022-01-19 14:14 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-01-19 14:13 - 2022-01-19 14:13 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2022-01-19 14:13 - 2022-01-19 08:45 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-01-19 09:40 - 2022-01-19 09:40 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-19 08:52 - 2022-01-19 08:52 - 000000000 ___HD C:\$AV_ASW
2022-01-19 08:47 - 2022-01-24 17:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Avast Software
2022-01-19 08:46 - 2022-01-19 14:13 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-19 08:46 - 2022-01-19 08:46 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-01-19 08:46 - 2022-01-19 08:46 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Avast Software
2022-01-19 08:46 - 2022-01-19 08:46 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-01-19 08:46 - 2022-01-19 08:45 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-01-19 08:46 - 2022-01-19 08:45 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-01-19 08:46 - 2022-01-19 08:45 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-01-19 08:45 - 2022-01-19 08:45 - 000000000 ____D C:\Program Files\Avast Software
2022-01-19 02:33 - 2022-01-19 19:36 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Green
2022-01-19 02:33 - 2022-01-19 08:48 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\UUID
2022-01-19 02:33 - 2022-01-19 02:33 - 006174399 _____ C:\Users\CESAR AUGUSTO\AppData\LocalLow\MlHPtNgvzv1.zip
2022-01-19 02:33 - 2022-01-19 02:33 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\discord_files
2022-01-19 02:32 - 2022-01-19 02:32 - 000916735 _____ (SQLite Development Team) C:\Users\CESAR AUGUSTO\AppData\LocalLow\sqlite3.dll
2022-01-19 02:07 - 2022-01-26 20:03 - 000000000 ____D C:\Program Files (x86)\Radmin VPN
2022-01-19 02:07 - 2022-01-19 02:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin VPN
2022-01-19 01:16 - 2022-01-19 01:16 - 054683722 _____ C:\Users\CESAR AUGUSTO\Downloads\0 BusquedaenScopus.mp4
2022-01-16 22:29 - 2022-01-16 22:29 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Landfall West
2022-01-16 20:31 - 2022-01-16 19:41 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\NUEVOS MODS
2022-01-16 19:41 - 2022-01-16 20:09 - 037209024 _____ C:\Users\CESAR AUGUSTO\Downloads\NUEVOS MODS.rar
2022-01-16 18:13 - 2022-01-16 18:17 - 000000000 ____D C:\Users\CESAR AUGUSTO\Downloads\Stardew Valley v1.5.4 - LBvinicius02
2022-01-16 17:04 - 2022-01-17 12:35 - 000000000 ____D C:\Program Files\7-Zip
2022-01-16 17:04 - 2022-01-16 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-01-16 17:01 - 2022-01-16 17:26 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\SILLYAUTHORITYSoft
2022-01-15 17:01 - 2022-01-15 17:01 - 000000000 ____D C:\WINDOWS\Panther
2022-01-14 23:22 - 2022-01-14 23:22 - 000002060 _____ C:\Users\Public\Desktop\TLauncher.lnk
2022-01-14 23:22 - 2022-01-11 07:25 - 000710776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-01-14 23:21 - 2022-01-16 20:40 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\.minecraft
2022-01-14 23:21 - 2022-01-16 20:16 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\.tlauncher
2022-01-14 23:21 - 2022-01-14 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2022-01-14 23:21 - 2022-01-11 07:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001467872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-01-14 23:21 - 2022-01-11 07:28 - 001206400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-01-14 23:21 - 2022-01-11 07:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 001529512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 001179096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 000797096 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-01-14 23:21 - 2022-01-11 07:25 - 000710824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-01-14 23:21 - 2022-01-11 07:25 - 000637864 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 002119792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 001601144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 000983208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-01-14 23:21 - 2022-01-11 07:24 - 000455792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-01-14 23:21 - 2022-01-11 07:23 - 008609920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-01-14 23:21 - 2022-01-11 07:23 - 005734568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-01-14 23:21 - 2022-01-11 07:23 - 002934696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-01-14 23:21 - 2022-01-11 07:22 - 000850088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-01-14 23:21 - 2022-01-10 18:54 - 000089178 _____ C:\WINDOWS\system32\nvinfo.pb
2022-01-10 23:30 - 2022-01-10 23:30 - 000207030 _____ C:\Users\CESAR AUGUSTO\Downloads\11__Fisica_Semana_2_Periodo_2.pdf
2022-01-08 19:51 - 2022-01-08 19:51 - 042684853 _____ C:\Users\CESAR AUGUSTO\Downloads\MAX BURGER MENÚ.pdf
2022-01-06 13:22 - 2022-01-06 13:22 - 000499120 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2022-01-06 13:22 - 2022-01-06 13:22 - 000431920 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000943464 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000704288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000589184 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000455616 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000448392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000373696 _____ C:\WINDOWS\system32\ze_loader.dll
2022-01-06 13:21 - 2022-01-06 13:21 - 000142272 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2022-01-06 13:20 - 2022-01-06 13:20 - 027888024 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2022-01-06 13:20 - 2022-01-06 13:20 - 020630424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2022-01-06 13:19 - 2022-01-06 13:19 - 000356824 _____ C:\WINDOWS\system32\ControlLib.dll

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-01-28 19:58 - 2021-03-31 12:14 - 001761304 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-28 19:58 - 2020-12-04 08:26 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-28 19:58 - 2019-12-07 10:03 - 000770064 _____ C:\WINDOWS\system32\perfh00A.dat
2022-01-28 19:58 - 2019-12-07 10:03 - 000148566 _____ C:\WINDOWS\system32\perfc00A.dat
2022-01-28 19:58 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-28 19:56 - 2021-09-30 18:15 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\discord
2022-01-28 19:55 - 2021-06-11 16:00 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Discord
2022-01-28 19:55 - 2020-12-01 07:19 - 000000000 ___RD C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER
2022-01-28 19:55 - 2020-11-29 23:31 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-28 19:54 - 2020-11-30 07:02 - 000000000 __SHD C:\Users\CESAR AUGUSTO\IntelGraphicsProfiles
2022-01-28 19:54 - 2020-09-11 01:06 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-28 19:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-28 19:53 - 2021-06-22 15:03 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-28 19:53 - 2021-03-31 12:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-28 19:53 - 2021-03-31 12:06 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-28 19:53 - 2021-03-13 11:00 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-28 19:53 - 2020-09-11 00:30 - 000000000 ___HD C:\Intel
2022-01-28 19:53 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-28 19:53 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-28 19:53 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-28 19:52 - 2021-03-31 12:06 - 000534416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-28 19:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\es-MX
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-28 19:51 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-01-28 19:51 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-28 19:50 - 2021-04-25 23:31 - 000003314 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72650cda261e2
2022-01-28 19:50 - 2021-03-31 12:12 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-28 19:50 - 2021-03-31 12:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-28 19:50 - 2020-12-02 07:31 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-28 19:00 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-28 18:43 - 2019-12-07 10:05 - 000000000 ____D C:\WINDOWS\OCR
2022-01-28 18:42 - 2020-12-04 08:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-01-28 18:41 - 2020-12-04 08:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-28 18:38 - 2020-12-04 08:21 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-28 18:36 - 2021-06-05 16:56 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\obs-studio
2022-01-28 15:05 - 2021-03-31 12:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-28 15:05 - 2020-11-29 23:39 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\D3DSCache
2022-01-28 15:03 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-28 12:20 - 2021-03-31 12:07 - 000000000 ____D C:\Users\CESAR AUGUSTO
2022-01-28 03:34 - 2020-11-30 19:02 - 000000000 ____D C:\ProgramData\Autodesk
2022-01-27 23:28 - 2021-10-06 03:58 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Temp
2022-01-27 15:44 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-26 14:53 - 2021-06-21 18:37 - 000000000 ____D C:\Program Files\Stellar Data Recovery
2022-01-26 14:53 - 2021-06-21 11:17 - 000000000 ____D C:\Program Files (x86)\Company
2022-01-26 14:25 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-01-26 14:09 - 2020-12-23 18:35 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-26 14:05 - 2021-06-21 11:21 - 021233664 _____ C:\WINDOWS\system32\C_32770.NLS
2022-01-24 17:02 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 00:31 - 2020-11-30 12:55 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\CrashDumps
2022-01-22 00:30 - 2021-12-11 11:00 - 000003126 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2694221440-3033398545-1844018541-1001
2022-01-22 00:30 - 2021-06-27 17:45 - 000002234 _____ C:\WINDOWS\system32\Tasks\NitroSense
2022-01-22 00:30 - 2021-06-24 12:24 - 000002650 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-01-22 00:30 - 2021-06-22 14:44 - 000003982 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1624391081
2022-01-22 00:30 - 2021-06-21 02:16 - 000003982 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1624259789
2022-01-22 00:30 - 2021-04-06 09:39 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2694221440-3033398545-1844018541-1001
2022-01-22 00:30 - 2021-04-06 09:10 - 000003438 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{60644F42-85B0-4A4F-A239-78B3764B8658}
2022-01-22 00:30 - 2021-03-31 12:12 - 000004362 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2022-01-22 00:30 - 2021-03-31 12:12 - 000003910 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled assistant Autoupdate 1615899705
2022-01-22 00:30 - 2021-03-31 12:12 - 000003642 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1608758439
2022-01-22 00:30 - 2021-03-31 12:12 - 000003546 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-22 00:30 - 2021-03-31 12:12 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-22 00:30 - 2021-03-31 12:12 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003322 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-22 00:30 - 2021-03-31 12:12 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:30 - 2021-03-31 12:12 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-22 00:27 - 2021-04-06 09:39 - 000002456 _____ C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-21 00:41 - 2020-11-30 07:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Packages
2022-01-20 22:31 - 2021-09-07 13:05 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Ubisoft Game Launcher
2022-01-20 21:28 - 2020-11-29 23:36 - 000000000 ____D C:\Program Files (x86)\Epic Games
2022-01-20 20:59 - 2020-09-11 00:37 - 000000000 ____D C:\Program Files (x86)\Intel
2022-01-20 20:59 - 2020-09-11 00:35 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-20 19:01 - 2020-12-29 12:26 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-01-19 23:41 - 2020-09-11 00:35 - 000000000 ____D C:\Program Files\Intel
2022-01-19 23:39 - 2020-09-11 00:36 - 000000000 ____D C:\ProgramData\Intel
2022-01-19 23:14 - 2020-11-30 07:02 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Intel
2022-01-19 14:49 - 2019-11-06 02:46 - 000000000 ___HD C:\OEM
2022-01-19 13:34 - 2021-07-01 22:14 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Telegram Desktop
2022-01-19 09:40 - 2020-11-30 14:50 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom
2022-01-19 08:21 - 2020-12-24 18:53 - 000192736 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-01-19 08:21 - 2020-12-24 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-01-19 08:21 - 2020-12-24 18:53 - 000000000 ____D C:\Program Files\Java
2022-01-19 03:12 - 2020-11-30 13:03 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\StardewValley
2022-01-19 02:34 - 2019-03-18 23:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-01-17 16:20 - 2020-12-05 19:10 - 000000000 ____D C:\Program Files\Epic Games
2022-01-16 21:58 - 2021-09-07 13:05 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2022-01-16 21:58 - 2021-09-07 13:05 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2022-01-16 18:15 - 2021-06-26 10:55 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2022-01-16 18:15 - 2020-11-30 13:00 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2022-01-15 17:10 - 2020-12-01 00:08 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-14 23:31 - 2020-12-24 19:06 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\NVIDIA
2022-01-13 22:37 - 2020-11-30 16:32 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\Local\Adobe
2022-01-12 15:44 - 2021-11-26 14:56 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-11 07:24 - 2020-12-04 08:34 - 000792688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-01-11 07:23 - 2021-09-30 11:30 - 007713392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-01-11 07:23 - 2021-09-30 11:30 - 005099176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-01-11 07:21 - 2021-09-30 11:30 - 006455824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-01-11 07:21 - 2020-12-04 08:34 - 007610232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-01-02 00:28 - 2021-07-06 14:42 - 000001451 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-01-02 00:28 - 2020-09-11 01:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-29 11:40 - 2021-11-30 22:15 - 000000000 ____D C:\Users\CESAR AUGUSTO\AppData\LocalLow\Unity

==================== Archivos en la raíz de algunos directorios ========

2021-06-21 11:20 - 2021-06-21 11:20 - 000000558 _____ () C:\Users\CESAR AUGUSTO\AppData\Local\bowsakkdestx.txt
2021-07-17 13:04 - 2021-07-17 13:04 - 000007603 _____ () C:\Users\CESAR AUGUSTO\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================
  1. Adition.txt : No cabe todo el informe por lo que lo pondre en dos partes. parte 1:
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-01-2022
Ejecutado por CESAR AUGUSTO (28-01-2022 20:05:58)
Ejecutado desde C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER\Desktop
Microsoft Windows 10 Home Versión 20H2 19042.1466 (X64) (2021-03-31 17:12:29)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-2694221440-3033398545-1844018541-500 - Administrator - Disabled)
CESAR AUGUSTO (S-1-5-21-2694221440-3033398545-1844018541-1001 - Administrator - Enabled) => C:\Users\CESAR AUGUSTO
DefaultAccount (S-1-5-21-2694221440-3033398545-1844018541-503 - Limited - Disabled)
Invitado (S-1-5-21-2694221440-3033398545-1844018541-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2694221440-3033398545-1844018541-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\uTorrent) (Version: 3.5.5.46038 - BitTorrent Inc.)
7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{E3930B59-5669-4BAB-A329-D56C1427C613}) (Version: 3.3.19180.100 - Acer)
Acer Network Optimizer (HKLM-x32\...\{3C8FA4F4-8471-4C60-9002-9B9F78B7B483}) (Version: 4 - Acer)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1034-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.2.0.34 - Autodesk)
Aplicaciones de Microsoft 365 para empresas - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.14729.20260 - Microsoft Corporation)
Aplicaciones destacadas de Autodesk 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
Argente - Registry Cleaner 3.1.2.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.2.0 - Raúl Argente)
AutoCAD 2021 - Español (Spanish) (HKLM\...\{28B89EEF-4101-040A-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Autodesk Advanced Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{C9FDA270-A0B9-45EE-8748-F37DF1370767}) (Version: 19.1.23.0 - Autodesk)
Autodesk Advanced Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{7E78B513-B354-4833-8897-3ED5C515D30F}) (Version: 20.3.7.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2021 (HKLM-x32\...\{AB7DC10F-1D72-4F90-988F-CDC2D6323A48}) (Version: 19.1.23.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2022 (HKLM-x32\...\{EEAD8CC3-B6B7-4D4B-AF0D-4BBD3D93D67C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2022 (HKLM-x32\...\{493ACC3C-3ABF-4CBB-8F6E-E4433090A589}) (Version: 20.3.7.0 - Autodesk)
Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
Autodesk AutoCAD 2021 - Español (Spanish) (HKLM\...\AutoCAD 2021 - Español (Spanish)) (Version: 24.0.47.0 - Autodesk)
Autodesk Cloud Models for Revit 2021 (HKLM\...\{AA384BE4-2101-0030-0000-97E7D7D021A1}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Genuine Service (HKLM\...\{1C5DB7B1-CE18-438C-B071-3AD6B8ADA5A0}) (Version: 4.4.0.85 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{8C559572-4A10-43C2-9346-6E7C7E012487}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library 2022 (HKLM-x32\...\{A9221A68-5AD0-4215-B54F-CB5DBA4FB27C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{EFC36459-CD89-44F3-BA04-B7C5804199AF}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{6256584F-B04B-41D4-8A59-44E70940C473}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2021 (HKLM-x32\...\{AD6312B6-3056-460A-833F-02654FAC5FCE}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2022 (HKLM-x32\...\{490259AE-1021-4BED-B74B-162151EC45C7}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2021 (HKLM-x32\...\{69D8FFED-B14E-4998-BBC2-535006E195D6}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2022 (HKLM-x32\...\{8300AA3F-6ADF-4233-A1FB-73B1894102F0}) (Version: 20.3.7.0 - Autodesk)
Autodesk Revit 2021 (HKLM\...\{AA3C5F33-570B-3989-8542-D5DC0F759221}) (Version: 21.1.21.45 - Autodesk, Inc.)
Autodesk Revit 2021 Revit MEP Imperial Content (HKLM\...\{80B2AAE7-4B04-4BDE-B545-DA0298C548FD}) (Version: 2.2 - Autodesk) Hidden
Autodesk Revit 2021 Revit MEP Metric Content (HKLM\...\{18FAFC92-6F7A-4894-ACD1-19EC6C4E639B}) (Version: 2.2 - Autodesk) Hidden
Autodesk Revit Content Core 2021 (HKLM\...\{583895D0-2021-0410-0000-9241AD002DA5}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Core-RVT 2021 (HKLM\...\{CC7D1ED0-2021-0410-0000-1CC925969102}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Core-RVT 2021 (HKLM-x32\...\{1aa4d703-a089-48e4-b1d0-ae8e867add5f}) (Version: 21.0.0.0 - Autodesk) Hidden
Autodesk Revit Content Essential-CHS 2021 (HKLM\...\{848BACE1-2021-2052-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-CHT 2021 (HKLM\...\{848BACE1-2021-1028-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-CSY 2021 (HKLM\...\{848BACE1-2021-1029-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-DEU 2021 (HKLM\...\{848BACE1-2021-1031-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-DEU 2021 (HKLM-x32\...\{435bd39b-3dd5-416c-92fa-3c74410c8ea0}) (Version: 21.0.0.0 - Autodesk) Hidden
Autodesk Revit Content Essential-ENG 2021 (HKLM\...\{848BACE1-2021-2057-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-ENU 2021 (HKLM\...\{848BACE1-2021-1033-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-ENU 2021 (HKLM-x32\...\{cc2718e8-7490-46e0-b667-2d7b41238bc6}) (Version: 21.0.0.0 - Autodesk) Hidden
Autodesk Revit Content Essential-ESP 2021 (HKLM\...\{848BACE1-2021-1034-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-FRA 2021 (HKLM\...\{848BACE1-2021-1036-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-ITA 2021 (HKLM\...\{848BACE1-2021-1040-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-JPN 2021 (HKLM\...\{848BACE1-2021-1041-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-KOR 2021 (HKLM\...\{848BACE1-2021-1042-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-PLK 2021 (HKLM\...\{848BACE1-2021-1045-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-PTB 2021 (HKLM\...\{848BACE1-2021-1046-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Content Essential-RUS 2021 (HKLM\...\{848BACE1-2021-1049-A981-1A6F0898E5BC}) (Version: 21.1.21.45 - Autodesk) Hidden
Autodesk Revit Unit Schemas 2021 (HKLM\...\{CDCC6F31-2021-4912-8E9B-D562B70697B6}) (Version: 21.1.21.45 - Autodesk)
Autodesk Revit Unit Schemas 2022 (HKLM\...\{CDCC6F31-2022-4901-8E9B-D562B70697B6}) (Version: 22.0.2.392 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{B9F5BDED-021C-4926-8518-4FA7114B7040}) (Version: 12.3.3.1803 - Autodesk)
Autodesk Spanish Content for Revit 2022 (HKLM\...\{205C6D76-2022-1034-B227-DC6376F702DC}) (Version: 22.1.0.406 - Autodesk) Hidden
Autodesk Spanish Content for Revit LT 2022 (HKLM\...\{CE9E7254-2022-1034-A79C-D96B1058992D}) (Version: 22.1.0.407 - Autodesk) Hidden
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Batch Print for Autodesk Revit 2021 (HKLM\...\{82AF00E4-2101-0010-0000-FCE0F87021A1}) (Version: 21.1.21.45 - Autodesk) Hidden
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3019 - Acer Incorporated)
Comprobación de estado de PC Windows (HKLM\...\{75741B4B-FC87-494A-A380-0EBA06DB89F9}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Discord (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Documentation Manager (HKLM\...\{E80BFF97-B9A6-41B6-8686-7A7CC235AB91}) (Version: 22.100.1.1 - Intel Corporation) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Dynamic Application Loader Host Interface Service (HKLM\...\{D492644D-815B-48F6-B079-6E1FE92FCFDE}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Enscape (HKLM\...\{205B2C56-8CA7-402C-A8B8-D614F8795204}) (Version: 3.1.2.55592 - Enscape GmbH)
Epic Games Launcher (HKLM-x32\...\{5EDB15EA-8B3E-4C51-AE28-7BFFE25208C2}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
EPSON L575 Series Printer Uninstall (HKLM\...\EPSON L575 Series) (Version:  - SEIKO EPSON Corporation)
eTransmit for Autodesk Revit 2021 (HKLM\...\{4477F08B-2101-0010-0000-9A09D83421A1}) (Version: 21.1.21.45 - Autodesk) Hidden
FormIt Converter For Revit 2021 (HKLM\...\{6865122A-3762-2021-A6C8-89011772ADA2}) (Version: 21.1.19.1 - Autodesk) Hidden
Generative Design For Revit (HKLM\...\{9001EBB9-B3FE-4A10-BA1C-DCBE352FCC57}) (Version: 21.11.1.0 - Autodesk)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
GoTrust ID Plugin 2.0.10.26 (HKLM\...\GoTrust ID Plugin) (Version: 2.0.10.26 - GoTrust ID Inc.)
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.53.3) (Version: 9.53.3 - Artifex Software Inc.)
Guardar en la versión web y para dispositivos móviles de Autodesk (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Hollow Knight MULTi2 - ElAmigos versión 1.4.3.2 (HKLM-x32\...\{1CD3BBBF-DF40-4A2B-9580-F1021E575C2C}_is1) (Version: 1.4.3.2 - Team Cherry)
Intel(R) Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel(R) Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation)
Intel(R) Computing Improvement Program (HKLM-x32\...\{56000ce0-6041-44e2-b87e-810aa3c8c54f}) (Version: 2.4.7642 - Intel Corporation) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{31949e15-2f6e-4f85-8280-9228b2ba14a9}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1946.12.0.1328 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6911 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1007 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1915.1 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001100-0220-1034-84C8-B8D95FA3C8C3}) (Version: 22.100.1.1 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{84a8d138-a6e7-4326-b967-45bd6df40976}) (Version: 22.100.1.1 - Intel Corporation) Hidden
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MATLAB R2021b (HKLM\...\Matlab R2021b) (Version: 9.11 - MathWorks)
Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.76 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30129 (HKLM-x32\...\{b8c00579-2fe5-46b7-9752-8a13e5be7155}) (Version: 14.29.30129.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.9 (x86) (HKLM-x32\...\{adb8593e-4b1d-48bf-a86f-d39db017d999}) (Version: 3.1.9.29323 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\MiKTeX) (Version: 20.11 - MiKTeX.org)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
NitroSense Service (HKLM\...\{6FC78E80-6385-43D6-8A43-FA80094F1A2E}) (Version: 3.01.3012 - Acer Incorporated)
NVIDIA Controlador de audio HD 1.3.39.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 511.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.23 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.0.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
OpenStudio CLI For Revit 2021 (HKLM\...\{3BD91CC3-CA0A-4B3D-8950-C21BABFAF61F}) (Version: 0.1.17 - NREL)
OpenStudio CLI For Revit 2022 (HKLM\...\{7F84EE71-7DAF-4CEE-B063-FA3C931E1206}) (Version: 1.0.3 - NREL)
Opera GX Stable 82.0.4227.50 (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\Opera GX 82.0.4227.50) (Version: 82.0.4227.50 - Opera Software)
OWN3D for OBS Studio version 1.4.7.0 (HKLM\...\{31A72556-7590-4678-AB69-96D602C95C02}}_is1) (Version: 1.4.7.0 - Own3d media GmbH)
Personal Accelerator for Revit (HKLM\...\{6E1DC831-145C-4FB6-97CC-714AB058D840}) (Version: 22.0.5.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 22.0.5.0 - Autodesk)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3017 - Acer Incorporated)
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Radmin VPN 1.2.1 (HKLM-x32\...\{4F6D003D-E674-4019-A4B5-CD632584CFE8}) (Version: 1.2.4457 - Famatech)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Revit 2021 (HKLM\...\{7346B4A0-2100-0510-0000-705C0D862004}) (Version: 21.1.21.45 - Autodesk) Hidden
Spanish Content for Autodesk Revit 2022 (HKLM\...\{1429076C-210B-3749-B574-5E1389A74BFE}) (Version: 22.1.0.406 - Autodesk, Inc.)
Spanish Content for Autodesk Revit LT 2022 (HKLM\...\{6EF2C3C6-747B-3663-B73A-08E186776A3B}) (Version: 22.1.0.407 - Autodesk, Inc.)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.12.22.273 - EnigmaSoft Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Data Recovery (HKLM\...\Stellar Data Recovery_is1) (Version: 9.0.0.3 - Stellar Information Technology Pvt Ltd.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.19.3 - TeamViewer)
Telegram Desktop version 3.4.3 (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.4.3 - Telegram FZ-LLC)
Texmaker 5.0.4 (64-bit) (HKLM-x32\...\{A0BF9BD0-B576-47A7-B650-0204CB190D28}) (Version: 5.0.4.0 - Texmaker)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.839 - TLauncher Inc.)
Tracker (HKLM-x32\...\OSP Tracker) (Version: 5.1.5 - Open Source Physics)
TranslucentTB (HKLM-x32\...\TranslucentTB_is1) (Version: 9.0.0.0 - TranslucentTB Open Source Developers)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 4.0.0 - Tweaking.com)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
User Experience Improvement Program Service (HKLM\...\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}) (Version: 4.00.3106 - Acer Incorporated)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Worksharing Monitor for Autodesk Revit 2021 (HKLM\...\{5063E738-2101-0010-0000-7B7B9AB021A1}) (Version: 21.1.21.45 - Autodesk) Hidden
XSplit Gamecaster (HKLM-x32\...\{CAC84AB6-6C1D-41C5-A21C-1D48889E9C3B}) (Version: 3.4.1812.0308 - SplitmediaLabs)
Zoom (HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Acer Collection S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollectionS_1.0.3004.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3024.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3019.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Corporation)
Dropbox - promoción -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2021-06-21] (Dropbox Inc.)
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2021-06-21] (GoTrustID Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-06-21] (INTEL CORP)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-06-21] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Studios) [MS Ad]
NitroSense_V31 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseV31_3.1.3012.0_x64__48frkmn4z8aw4 [2021-06-27] (Acer Incorporated)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2022-01-14] (NVIDIA Corp.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2021-06-21] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2021-06-21] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3017.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-12-03] (Adobe Systems Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2021-10-06] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-21] (Spotify AB) [Startup Task]
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3106.0_x64__48frkmn4z8aw4 [2021-06-21] (Acer Incorporated)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-06-21] (VideoLAN)
Waves MaxxAudio For Acer -> C:\Program Files\WindowsApps\WavesAudio.20761030F5EAC_1.0.67.0_x64__fh4rh281wavaa [2021-06-21] (Waves Audio)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{04271989-C4D2-A882-C56E-8AF8B5E46641} -> [OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER] => C:\Users\CESAR AUGUSTO\OneDrive - UNIVERSIDAD INDUSTRIAL DE SANTANDER [2020-12-01 07:19]
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\CESAR AUGUSTO\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\es-ES\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Archivo no firmado] [El archivo está en uso]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Archivo no firmado] [El archivo está en uso]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a87281c4bd1a1369\nvshext.dll [2022-01-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-01-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\CESAR AUGUSTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /K ""C:\Users\CESAR AUGUSTO\anaconda3\Scripts\activate.bat" "C:\Users\CESAR AUGUSTO\anaconda3""

==================== Módulos cargados (Lista blanca) =============

2021-07-23 11:36 - 2021-07-23 11:36 - 002122240 _____ (SQLite Development Team) [Archivo no firmado] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer (Lista blanca) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-15] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\sharepoint.com -> hxxps://correouisedu-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-03-18 23:49 - 2022-01-19 02:32 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\MATLAB\R2021b\runtime\win64;C:\Program Files\MATLAB\R2021b\bin;
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 190.157.8.100 - 190.157.8.101
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "pac"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "haleng"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\StartupFolder: => "3ffadc7a.exe"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-2694221440-3033398545-1844018541-1001\...\StartupApproved\Run: => "Prun"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{7DD623D5-A736-4BAE-B6E5-E84E5A9AB613}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [TCP Query User{86DB1E87-F925-410E-8375-991BADBE17F3}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [UDP Query User{AF784F14-1608-4B38-AFE1-31E95BB3E365}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{E83627EC-A38A-4933-86D7-28B44C7124A0}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [Archivo no firmado]
FirewallRules: [{9EDBFB53-B974-4AE9-B2BA-A34F9651E19D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{FFED554E-7F8E-4B11-B42D-9FC87325C997}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{4DFCBE12-14D8-4EF7-A86F-CF8113A1864C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{83F373BA-058E-42FC-B263-D1256AB00DCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{B202223C-95A7-4772-9483-6BE1C1BB114B}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [TCP Query User{E48FB5BC-CA48-4052-8849-44B34E6B0F79}C:\program files (x86)\tracker\jre\bin\java.exe] => (Allow) C:\program files (x86)\tracker\jre\bin\java.exe
FirewallRules: [{6C0509D6-F7C0-41CD-A5DF-44230EFDC5AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E82137A8-6F20-419E-A5B9-64182717C143}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{480B5EC9-D5FC-4BF5-9A45-30BF684B73A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1FFD07AB-5AC3-4FB0-8EB3-E9126883C078}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{5A59DF9E-E70D-48BB-AFD0-08A8499229D9}C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7B430523-D3F0-479B-9011-3C0D9DBE073D}C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\cesar augusto\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B00C0C0-9E1E-40B6-BAFF-86DB177998B7}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B7AE1EC3-D051-45DD-822F-7B27E5B9FFA7}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FDA7A803-3D7A-4132-BA79-1F9ADEF631A0}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4ADC6AA0-3534-407C-A15F-60522E96C191}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{7F174C44-AC8E-477A-A212-E2CFF94C0B8F}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{961565F1-D8C2-4394-A32B-3B32D2BAB44C}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{2BF584AC-748B-4855-822F-EED04FF05B00}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{5286D2D3-385A-49CD-924F-F288408E73A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23242948-F517-4452-BB8D-306F11735E46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{0298A04E-09CB-4D0C-AD0D-27DFC46D63D6}C:\users\cesar augusto\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\cesar augusto\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{AE9330D9-F763-43D3-85BC-7366181C74C8}C:\users\cesar augusto\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\cesar augusto\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{712BD8F8-FFF9-4F2B-AB64-8E7C35CE17FA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DED540D5-3D1D-49E0-8585-79828EC63152}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8DBCF1AA-83CE-4A45-B132-6B60CAE91120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B78DA11A-FC07-4F4E-91F3-DAEF62FE1FAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B0CB1EF-4F20-46CA-9661-0D918C79F86A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF1DEEC9-4803-45C7-A63B-54515D028310}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1625E223-DC2E-44DE-A6AC-34508ACABCAA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C91F8DD-1DD3-488D-BB42-300834FF8D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E91EDEB2-6474-4529-9C02-96D7DD0EA03E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{774E1860-4277-4022-B583-BEF928970504}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B51C9AA-7E01-45D8-B84A-4A73ECC143BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5F98CDD4-04B2-41A4-B318-BED14D2EF3CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC1E7772-4614-4767-A335-5BD6AEB1CB12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F53367EA-96A9-4B45-BF52-55E97BCE88CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B8848F53-D656-4C2B-BADD-B4FF97E2E7E4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8F4FF402-59D1-40E2-88D5-3A319D69B356}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8B4CFAF7-65CB-4A10-A878-3840B98FB06E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{522FFD23-BBEB-4A60-B8F6-A15CAF0A0AE4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5170F499-4AEF-4FEA-891D-26C1840A6392}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F251A822-F938-45A3-8768-7AD04A6F2963}] => (Allow) C:\Users\CESAR AUGUSTO\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{FD658DF9-9E34-49B6-815C-C2A2769FF6C7}C:\program files\epic games\amongus\among us.exe] => (Allow) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{E34710D9-2C2C-4409-A160-F21AB021F48D}C:\program files\epic games\amongus\among us.exe] => (Allow) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [{2890BC1C-E569-455D-8211-E982B544B1B7}] => (Block) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [{9F11DF56-7E11-4FB3-A033-46D7FB71429F}] => (Block) C:\program files\epic games\amongus\among us.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{912510BB-29C8-4F4A-BBF4-EC7DC5EE83B9}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{C3CE7BB2-16EA-407E-AA1C-E8434C6B6BB7}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{487C9CFE-B61E-44C4-B8BD-AFF9704F670B}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{0CF33E77-C4FF-4090-B5C4-1E3D4D0C5756}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{2F0F62C0-C291-4947-BE7B-95BDD90FF8FA}C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [UDP Query User{8F306B49-04FA-4BE3-AF12-4DF3B6A963BE}C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [{77B5691F-731D-4B70-BCC4-5C53944A8D6B}] => (Block) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [{CC93057B-AC04-41FE-9023-37C7ADE7EC7B}] => (Block) C:\program files (x86)\neverwinter_en\neverwinter\live\x64\gameclient.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [TCP Query User{002AB36E-3388-40F6-BE7C-EE0FE04C5B07}C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{D4DE275E-E014-46E8-B375-E16691FC12A8}C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E369195B-2092-4356-99F5-557EDA3EE683}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{3B52EAD9-D646-44E2-9AF8-10E9D89C77C3}] => (Block) C:\users\cesar augusto\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{ECFF8A5A-8A27-4BF5-9610-AD8197A5725C}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{A43EE680-DC7F-490E-92D8-CDE76C656583}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{2F775916-0BC1-401E-A0A6-FB9FADC1E66A}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{7C843BC3-C788-4558-8A01-EF6F6836F34B}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{9B5EB4D2-FA08-45D4-A737-682FBA2670CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Archivo no firmado]
FirewallRules: [{ED2BF18B-A7F8-4D32-96D4-FD39B677FD60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Archivo no firmado]
FirewallRules: [{2C765929-1E68-44A6-95F4-F1174E6943A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{73AEB755-41DD-4B50-AB75-B1F0976C2D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [TCP Query User{CC05642F-6560-4D64-B1F6-0DCA8EF80A23}C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{A102873C-AA38-4243-AA37-6EA59C23AD6F}C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{B72B5323-5A8B-426C-AE71-B41C90245D4B}] => (Block) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{7D0FB500-F6CA-4096-803A-863C60CFBADB}] => (Block) C:\users\cesar augusto\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{41EE41A4-E632-4D5D-A0F3-1C6EC847101E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A908FC3F-002A-4A17-9C84-5FEFA47436A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C41B3630-E56C-4B54-B0E9-AC183D29217D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3648D681-3985-4CD8-8D68-051C1DD28260}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{00DE08E9-6D69-4F72-898E-A9B641C45C98}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{137EE273-46D8-416D-843F-C2E8FB653A91}C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{8AB92D63-1657-400F-8546-F36522E13BD8}C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{15789780-86AE-477F-A553-205D9AFFAFB3}] => (Block) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{20963D63-8735-44F7-ACBC-3CCF414F5CFD}] => (Block) C:\users\cesar augusto\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{737BEBA2-F9A8-4722-893B-D1AFBF68E717}C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{59CBC86E-AF1E-48EB-B89E-3F19DC017AA4}C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{DB1063CC-E700-4CC9-9BFD-56C5B79A2203}] => (Block) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{64C765A2-F6BA-409D-8EB6-5FC0B3D18CA3}] => (Block) C:\users\cesar augusto\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{7AB3E4F7-A67B-42DF-8923-996A63648B83}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2B4E5E94-6CF2-413C-BB8D-31F266D63DB0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CCE0872-BAC2-4270-B602-31D97B3A981E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8836F4DF-307B-4A9C-A639-E1F28E903C1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{DD1B23D1-5E2F-4019-B92A-3C272F1A3265}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{4EA6B41B-660F-4393-B478-458327949712}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [Archivo no firmado]
FirewallRules: [{958AA167-741C-40CF-B274-6DF2006A594D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{4D6B66E0-40A1-452C-990B-8F2438DB975E}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{539A913D-AD08-4D80-AE81-296FA3AA0682}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{31E6BFA9-80F5-412B-A264-0D6CE45C8641}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{3181C7C3-D9F9-4FAD-8DAC-076797B93A99}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{A5163E51-4754-4B37-BEBA-0B40FE36E82E}] => (Allow) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.)
FirewallRules: [TCP Query User{8C0600D8-10C0-429E-B880-56936C103AE3}C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe] => (Allow) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [UDP Query User{58A7C90C-6228-474D-85FF-B25BD31F8E27}C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe] => (Allow) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [{7C54A6AF-9956-4394-A318-6D36AADC6B7A}] => (Block) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [{09F36F46-E608-4985-A756-6620FAD09AA5}] => (Block) C:\users\cesar augusto\downloads\stardew valley v1.5.4 - lbvinicius02\stardew valley.exe (ConcernedApe) [Archivo no firmado]
FirewallRules: [{4C3AD855-3C45-443D-B0B1-CA9921C75444}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{3B7CC10B-F5DB-43E4-BD32-AEF3900F5A65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1CCD0BBB-CAE2-4069-9868-0597AC8239F5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{602B2C85-B6AA-4650-96E7-A5024FAC450A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D1E083A2-678D-4BDD-B944-292EEF866CD2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5D8EF0BF-4683-48FD-95C4-3A9CCC1C6A5F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8CD809C4-68ED-44C4-AA1F-0E57E2D084BE}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{F28159F5-8EA3-42F9-A04E-E50480E00395}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{777572C1-1D3A-4EB3-B48E-3111D160C349}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{E7B2ED9F-A0B1-45E6-B1CB-0091DBAEE77D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{A07EC104-E526-4335-8881-AF270A1B28C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devour\DEVOUR.exe () [Archivo no firmado]
FirewallRules: [{E654CF2E-5928-4DD6-B08B-1A70F9D854B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devour\DEVOUR.exe () [Archivo no firmado]
FirewallRules: [{AB407CB7-6A03-467F-BF7B-3EAE6E5D974F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{480C6602-A8F0-4CD4-AA2D-AB8069EA5E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo
FirewallRules: [{9E6EFAB9-EFA3-4B1E-B67D-E4ECCBA59176}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo
FirewallRules: [{01DF0815-250E-4BEF-A399-C43432F6D46B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo
FirewallRules: [{C9B70DF6-3CB5-42AC-9DE3-6A0E1C192420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Ningún archivo

==================== Puntos de Restauración =========================

28-01-2022 18:41:52 Instalador de Módulos de Windows
28-01-2022 18:42:51 Instalador de Módulos de Windows
28-01-2022 18:48:39 Instalador de Módulos de Windows
28-01-2022 18:49:13 Instalador de Módulos de Windows