Creo que me hackearon la computadora

Hola, buenas tardes. Les cuento, soy una persona que sabe navegar (lo cual siempre fue y ha sido el mejor antivirus), tengo unos cuantos años en informática, si bien últimamente ando medio oxidado. La cuestión es, me llegó un mail de cambio de contraseña a mi mail de una página, que yo no efectué en ningún momento. También, cuando intenté acceder a la aplicación de mi banco, me saltó un cartel que me decía que tenía que actualizar la aplicación, y el botón de “aceptar”; en lugar de que la aplicación se actualice automáticamente como siempre. Oxidado como estoy , le di al “aceptar”, y ahí salió un mensaje que decía algo así como “programando la aplicación”. No me gustó, y yo en ese momento estaba usando los datos móviles, así que chequeé el uso de datos móviles, pero no estaba bajando nada. Cerré la aplicación, la desinstalé, la reinstalé, y la autentiqué en el cajero del banco, y después hice una transferencia que tenía que hacer. Y hoy vi el mail del cambio de contraseña que mencioné antes. Si bien el sistema del sitio que me cambió la contraseña es pésimo, no me suena a que eso pueda ser un error de sistema. Tengo windows 10 64 bit, y chequeé el administrador de tareas, y descubrí que hay un programa que se llama “Program” al inicio, que no sé qué es. Le pasé un análisis completo del sistema de antivirus que viene con windows (no me queda claro si se llama Windows Defender o Windows Antivirus, o cómo) y le pasé otro con el MalwareBytes, que lo tengo en modo libre, porque la licencia está carísima. Todos los malwares que me cantó el MalwareBytes son de cracks de programas viejos, los vi uno por uno. Y el antivirus de Windows no me cantó ningún bicho. Alguna idea de qué puedo hacer? Por lo menos quiero ver si se puede sacar este “Program” que tengo en el inicio, que lo deshabilité, pero sigue ahí. Cualquier sugerencia es bienvenida. No quiero cambiar mis claves todavía, porque si tengo hackeada la pc, cualquier cambio de claves que haga no va a servir porque la pc en sí está hackeada, ¿correcto? Muchas Gracias!

Hola

Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Hola! Gracias por la respuesta, Miguelgrado. Acá te paso la primer parte del Frst.txt:

    Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 08-01-2020
    Ejecutado por MATROSKA (administrador) sobre MATROSKA-PC (Gigabyte Technology Co., Ltd. Z370M DS3H) (08-01-2020 20:50:49)
    Ejecutado desde C:\Users\MATROSKA\Desktop
    Perfiles cargados: MATROSKA (Perfiles disponibles: MATROSKA)
    Platform: Windows 10 Pro Versión 1903 18362.535 (X64) Idioma: Español (España, internacional)
    Navegador predeterminado: FF
    Modo de Inicio: Normal
    Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\CloudStation_Server\HomeCloud\HCLOUD.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(Gigabyte Technology CO., LTD.) [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\Smart TimeLock\AlarmClock.exe
(Gigabyte Technology CO., LTD.) [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.471_none_5f12f35059003107\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-08-18] (Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-07-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\iTube Studio\DelayPluginI.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\GIGABYTE\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2747003501-3174584430-2147103000-1000\...\Run: [Epic Privacy Browser Installer] => C:\Users\MATROSKA\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2019-03-26] (Google Inc (TEST) -> Epic Privacy Browser) [Archivo no firmado]
HKLM\Software\...\AppCompatFlags\Custom\pcsx2.exe: [{47f790f9-15f6-4e44-97df-5ad76537e9e1}.sdb] -> PCSX2 D3D11 Wrapper
HKLM\Software\...\AppCompatFlags\InstalledSDB\{47f790f9-15f6-4e44-97df-5ad76537e9e1}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{47f790f9-15f6-4e44-97df-5ad76537e9e1}.sdb [2018-01-09]
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
HKLM\Software\...\Authentication\Credential Providers: [{5EF9A232-5B5B-4768-95F2-3F601FB184E3}] -> C:\WINDOWS\system32\AutoGreenCP.dll [2019-03-22] () [Archivo no firmado]

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {02A25A7F-3BDB-46D6-A7E7-A72ABA760ABC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0DB62157-A867-4C90-90B8-EC672AC1DFF1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {10E91B87-2234-434B-AD0B-0259D00EFFCD} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [837344 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {119576A9-1F75-4057-BF79-7F301A2CDEC5} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [253872 2018-09-18] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {1B5BEFCC-26C0-4F00-A84D-4E7164307611} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1EB1FA1E-A408-40D6-ABF9-7BD6EC77FD46} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1F3DAC22-9071-429A-9A6F-4793BB3B5A85} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [232880 2018-09-10] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {23C40024-AA42-4E60-B325-ADE0EB25F183} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {24CAACA0-5AFB-4BDB-BC6B-11342372703D} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {2A6BF1AA-F6E8-4EBC-98FF-6C35F45C2DB2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {351976E8-1FB6-4912-A70D-ECC81D4770BC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {3B426D6D-C100-4E86-9632-80065FE856FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3D1DAF9F-D26B-4645-B6A7-B7C865CEDD87} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {434A3791-703A-4CAB-80AE-D4482CFC2315} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4931C85B-F610-4E10-96EF-1ADE7D70FCBB} - System32\Tasks\klcp_update => C:\Programas Liberados\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2019-03-22] () [Archivo no firmado]
Task: {5073372E-4A52-4DD3-A095-B0A6142F6D45} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {531510EA-FAF6-4812-BD2B-90CC75852D40} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5C95FAD9-26F0-44FF-96EE-B329EE2CF835} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6054B6AD-1146-4E6C-9028-66BB5BEB75F8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {69CE6B6A-A017-4C38-8B37-C5829A04BC8A} - System32\Tasks\V-Tuner => C:\Program Files (x86)\GIGABYTE\VTuner\VTuner.exe [837040 2017-08-17] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {6A4F189D-629A-4AB1-8A02-D859328AD3EF} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
Task: {6DAF160A-EC27-4082-ADB1-E66B428CA32A} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [18352 2018-09-10] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {6F6889ED-7A55-4D41-90D6-40AD68E13852} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-07-28] (Advanced Micro Devices, Inc.) [Archivo no firmado]
Task: {7C140609-619D-4990-80DD-63E72E8C5120} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F0B7A41-3702-461F-8FB9-D0A3398B0B00} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8382FE92-EBD8-459C-881E-64718091A2BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8679B890-5F37-493F-9E28-E7FB44F085BD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {87014499-8FB5-4BCD-BFED-7D707D033D61} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-10-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {875B8D7A-07AE-41E7-9BF6-D142381213A1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {91761C80-6102-455A-98C4-DB2C29F5D2A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F4C5723-08B8-4626-A2F7-D560C4929387} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A69A3D71-BEF3-406D-A232-3978EF8A8BD8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A6C8C9F6-F8AF-420E-9396-D3AC9D60B62A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AA7E44D2-D0F1-4D43-AD73-B77B247C3C38} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B236411E-3DDA-4626-B6E2-0C55F31D1912} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [426416 2018-09-18] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {B4DD6606-2310-4385-A0E6-36CC920BA065} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8D4474F-A8BF-4EA5-9659-797CB06CD89C} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-07-28] (Advanced Micro Devices, Inc.) [Archivo no firmado]
Task: {B94B9E03-792E-45A9-862A-CA051EAABC24} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BA5B7B2F-DB51-4D6F-AC68-5AA120917EDA} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C83DA7F9-DE9C-4E76-9978-80AAC6B4E325} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CA1B23AA-B81E-411F-8D20-59A2FC608D6B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {DEA64AB9-C227-4845-B7A4-E4E40537274C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E45AA9B6-A7E7-4776-98E6-3204FAFF23D7} - System32\Tasks\RunUninstallTool_SkipUac => C:\Program Files\Uninstall Tool\UninstallTool.exe [5332992 2017-12-14] (CrystalIDEA Software) [Archivo no firmado]
Task: {F5499FB1-B151-42DA-9334-1B3D0AD764D5} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [15792 2018-09-10] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {FAE78B95-2399-4CE9-B08C-A9E4B91A9E25} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FC372015-2F65-4002-A0CA-6075E8460859} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FE44D5AF-2FAD-4DAA-97F2-41235B0D5A50} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\..\Interfaces\{7DF1E32C-58D5-44E4-BA77-96495834D40F}: [NameServer] 200.45.191.35,200.45.48.233

Internet Explorer:
==================
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\WINDOWS\system32\mscoree.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-21] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\WINDOWS\system32\mscoree.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Handler: WSISAllmytubechrome - Sin valor CLSID

FireFox:
========
FF DefaultProfile: nj1h8amj.default
FF ProfilePath: C:\Users\MATROSKA\AppData\Roaming\Mozilla\Firefox\Profiles\nj1h8amj.default [2020-01-08]
FF DownloadDir: C:\Users\MATROSKA\Downloads
FF NetworkProxy: Mozilla\Firefox\Profiles\nj1h8amj.default -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\nj1h8amj.default -> está habilitado.
FF Extension: (MyJDownloader Browser Extension) - C:\Users\MATROSKA\AppData\Roaming\Mozilla\Firefox\Profiles\nj1h8amj.default\Extensions\[email protected] [2019-10-17] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (Google Translator for Firefox) - C:\Users\MATROSKA\AppData\Roaming\Mozilla\Firefox\Profiles\nj1h8amj.default\Extensions\[email protected] [2019-08-12]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\MATROSKA\AppData\Roaming\Mozilla\Firefox\Profiles\nj1h8amj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-25] (Adobe Inc. -> )
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-25] (Adobe Inc. -> )
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin HKU\S-1-5-21-2747003501-3174584430-2147103000-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2747003501-3174584430-2147103000-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\MATROSKA\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2019-03-26] (Google Inc (TEST) -> Epic Privacy Browser) [Archivo no firmado]
FF Plugin HKU\S-1-5-21-2747003501-3174584430-2147103000-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\MATROSKA\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2019-03-26] (Google Inc (TEST) -> Epic Privacy Browser) [Archivo no firmado]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe [508000 2019-09-18] (Advanced Micro Devices, Inc. -> AMD)
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [50216 2019-07-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [142792 2018-10-19] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [Archivo no firmado]
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128944 2018-09-18] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [775904 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [705760 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-11-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-03] (Malwarebytes Inc -> Malwarebytes)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [123824 2018-09-10] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 Origin Client Service; C:\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) [Archivo no firmado]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmdag.sys [55249504 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmpag.sys [595040 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103672 2019-07-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudioamd64.sys [96144 2019-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2019-06-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2019-06-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2020-01-07] (CPUID S.A.R.L.U. -> CPUID)
S3 gdrv; C:\Windows\gdrv.sys [26192 2019-03-28] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-09-01] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 gdrv3; C:\WINDOWS\gdrv3.sys [31192 2019-08-26] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 GLCKIO2; C:\Program Files (x86)\GIGABYTE\RGBFusion\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
S3 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1092112 2018-07-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2009-02-10] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2020-01-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2020-01-07] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-17] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-12] (Microsoft Windows -> Microsoft Corporation)
S3 vcd10bus; C:\WINDOWS\System32\drivers\vcd10bus.sys [40464 2008-06-17] (H und H Software GmbH -> H+H Software GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\GIGABYTE\RGBFusion\MODAPI.sys [14544 2019-08-22] (Noriyuki MIYAZAKI -> OpenLibSys.org)
U3 idsvc; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Acá va a segunda parte del Frst.txt:

==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-08 20:50 - 2020-01-08 20:51 - 000030566 _____ C:\Users\MATROSKA\Desktop\FRST.txt
2020-01-08 20:50 - 2020-01-08 20:51 - 000000000 ____D C:\FRST
2020-01-08 20:49 - 2020-01-08 20:49 - 002573312 _____ (Farbar) C:\Users\MATROSKA\Desktop\FRST64.exe
2020-01-07 19:57 - 2020-01-07 19:57 - 000000000 ____D C:\Users\MATROSKA\AppData\Local\NVIDIA Corporation
2020-01-07 17:47 - 2020-01-07 19:57 - 000000000 ____D C:\Users\MATROSKA\Documents\Shadow of the Tomb Raider
2020-01-07 17:47 - 2020-01-07 17:47 - 000000000 ____D C:\Users\MATROSKA\AppData\Roaming\Eidos Montreal
2020-01-07 14:50 - 2020-01-07 14:50 - 000000000 ____D C:\Users\MATROSKA\Documents\Rise of the Tomb Raider
2020-01-07 14:50 - 2020-01-07 14:50 - 000000000 ____D C:\Users\MATROSKA\AppData\Roaming\Crystal Dynamics
2020-01-07 14:48 - 2020-01-07 14:48 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-07 14:48 - 2020-01-07 14:48 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-01-07 02:02 - 2020-01-07 02:02 - 000000202 _____ C:\Users\MATROSKA\Desktop\Shadow of the Tomb Raider.url
2020-01-05 15:51 - 2020-01-05 15:51 - 000000202 _____ C:\Users\MATROSKA\Desktop\Rise of the Tomb Raider.url
2020-01-04 01:01 - 2020-01-04 01:01 - 002329715 _____ C:\Users\MATROSKA\Downloads\xenia-canary(5).zip
2020-01-03 17:39 - 2020-01-03 17:39 - 000000202 _____ C:\Users\MATROSKA\Desktop\Resident Evil 6  Biohazard 6.url
2019-12-27 22:39 - 2019-12-27 22:39 - 000160753 _____ C:\Users\MATROSKA\Downloads\Lost.in.Space.2018.S02.rar
2019-12-27 22:12 - 2019-12-27 22:13 - 002329907 _____ C:\Users\MATROSKA\Downloads\xenia-canary(4).zip
2019-12-23 22:43 - 2019-12-23 22:43 - 000004964 _____ C:\Users\MATROSKA\AppData\Local\recently-used.xbel
2019-12-23 15:12 - 2019-12-23 22:43 - 000000000 ____D C:\Users\MATROSKA\AppData\Local\gtk-2.0
2019-12-23 15:11 - 2019-12-23 22:47 - 000000000 ____D C:\Users\MATROSKA\AppData\Local\babl-0.1
2019-12-23 15:11 - 2019-12-23 15:11 - 000000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.12.lnk
2019-12-23 15:11 - 2019-12-23 15:11 - 000000934 _____ C:\Users\Public\Desktop\GIMP 2.10.12.lnk
2019-12-23 15:11 - 2019-12-23 15:11 - 000000934 _____ C:\ProgramData\Desktop\GIMP 2.10.12.lnk
2019-12-23 15:11 - 2019-12-23 15:11 - 000000000 ____D C:\Users\MATROSKA\AppData\Roaming\GIMP
2019-12-23 15:11 - 2019-12-23 15:11 - 000000000 ____D C:\Users\MATROSKA\AppData\Local\GIMP
2019-12-23 15:11 - 2019-12-23 15:11 - 000000000 ____D C:\Users\MATROSKA\AppData\Local\gegl-0.4
2019-12-23 15:11 - 2019-12-23 15:11 - 000000000 ____D C:\Users\MATROSKA\.cache
2019-12-23 15:10 - 2019-12-23 15:10 - 000000000 ____D C:\Program Files\GIMP 2
2019-12-23 15:02 - 2019-12-23 15:08 - 235281024 _____ (The GIMP Team ) C:\Users\MATROSKA\Downloads\gimp-2.10.12-setup-3.exe
2019-12-22 15:19 - 2019-12-22 15:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2019-12-22 15:19 - 2019-12-22 15:19 - 000000000 ____D C:\Program Files\qBittorrent
2019-12-22 14:18 - 2019-12-22 14:18 - 025763945 _____ (The qBittorrent project) C:\Users\MATROSKA\Downloads\qbittorrent_4.2.1_x64_setup.exe
2019-12-17 14:58 - 2019-12-17 14:58 - 000001218 _____ C:\Users\MATROSKA\Downloads\d3d11_fix(2).zip
2019-12-16 23:02 - 2019-12-16 23:07 - 060713072 _____ (KLCP ) C:\Users\MATROSKA\Downloads\K-Lite_Codec_Pack_1526_Mega.exe
2019-12-16 23:01 - 2019-12-16 23:12 - 372117504 _____ C:\Users\MATROSKA\Downloads\iCUESetup_3.23.66_release.msi
2019-12-16 19:48 - 2019-12-16 19:49 - 002789750 _____ (crosire) C:\Users\MATROSKA\Downloads\ReShade_Setup_4.5.0.exe
2019-12-16 19:21 - 2019-12-16 19:21 - 005639151 _____ C:\Users\MATROSKA\Downloads\pcsx2-v1.5.0-dev-3324-g9c65b73ae-windows-x86.7z
2019-12-16 19:19 - 2019-12-16 19:19 - 000165474 _____ C:\Users\MATROSKA\Downloads\Depth3D-master.zip
2019-12-16 19:00 - 2019-12-16 19:15 - 000003845 _____ C:\Users\MATROSKA\Desktop\Juegos 3D Wrapper.txt
2019-12-16 15:06 - 2019-12-16 15:06 - 002328506 _____ C:\Users\MATROSKA\Downloads\xenia-canary(3).zip
2019-12-13 23:03 - 2019-12-13 23:03 - 000005366 _____ C:\Users\MATROSKA\Downloads\580436.rar
2019-12-13 23:02 - 2019-12-13 23:02 - 000007886 _____ C:\Users\MATROSKA\Downloads\579381.rar
2019-12-13 22:53 - 2019-12-13 22:53 - 000014426 _____ C:\Users\MATROSKA\Downloads\The.Mandalorian.S01E06.WEBRip.x264-ION10.rar
2019-12-13 22:53 - 2019-12-13 22:53 - 000013016 _____ C:\Users\MATROSKA\Downloads\The.Mandalorian.S01E04.WEBRip.x264-ION10.rar
2019-12-13 22:53 - 2019-12-13 22:53 - 000011806 _____ C:\Users\MATROSKA\Downloads\The.Mandalorian.S01E05.WEBRip.x264-ION10.rar
2019-12-13 22:53 - 2019-12-13 22:53 - 000007889 _____ C:\Users\MATROSKA\Downloads\The.Mandalorian.S01E01.WEBRip.x264-ION10.rar
2019-12-13 22:53 - 2019-12-13 22:53 - 000005377 _____ C:\Users\MATROSKA\Downloads\The.Mandalorian.S01E03.WEBRip.x264-ION10.rar
2019-12-13 22:53 - 2019-12-13 22:53 - 000004586 _____ C:\Users\MATROSKA\Downloads\The.Mandalorian.S01E02.WEBRip.x264-ION10.rar
2019-12-12 01:15 - 2019-12-12 01:15 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 01:15 - 2019-12-12 01:15 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 01:15 - 2019-12-12 01:15 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 01:15 - 2019-12-12 01:15 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 01:15 - 2019-12-12 01:15 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 01:15 - 2019-12-12 01:15 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 01:15 - 2019-12-12 01:15 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-11 16:08 - 2019-12-11 16:08 - 000000202 _____ C:\Users\MATROSKA\Desktop\Tomb Raider.url
2019-12-09 17:35 - 2019-12-09 17:35 - 000000202 _____ C:\Users\MATROSKA\Desktop\RESIDENT EVIL 2  BIOHAZARD RE2.url
2019-12-09 16:58 - 2019-12-09 16:59 - 002363780 _____ C:\Users\MATROSKA\Downloads\xenia-canary(2).zip

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-08 20:50 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-08 20:48 - 2019-03-25 23:37 - 000000000 ____D C:\Users\MATROSKA\AppData\LocalLow\Mozilla
2020-01-08 20:47 - 2019-11-13 01:25 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-01-08 01:51 - 2019-03-26 02:08 - 000000000 ____D C:\Steam
2020-01-08 01:50 - 2019-03-25 23:44 - 000000000 ____D C:\Users\MATROSKA\AppData\Roaming\qBittorrent
2020-01-08 01:48 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-07 21:00 - 2019-08-26 21:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-07 17:47 - 2019-03-22 11:24 - 000000000 ____D C:\Users\MATROSKA\AppData\Local\D3DSCache
2020-01-07 17:46 - 2019-03-26 22:09 - 000000000 ____D C:\Users\MATROSKA\Downloads\Torrents
2020-01-07 17:46 - 2019-03-26 02:31 - 000000000 ____D C:\Users\MATROSKA\AppData\Roaming\AIMP
2020-01-07 14:54 - 2019-08-26 21:32 - 001930764 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-07 14:54 - 2019-03-19 08:59 - 000829056 _____ C:\WINDOWS\system32\perfh00A.dat
2020-01-07 14:54 - 2019-03-19 08:59 - 000175300 _____ C:\WINDOWS\system32\perfc00A.dat
2020-01-07 14:54 - 2019-03-19 01:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-07 14:48 - 2019-08-26 21:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-07 14:48 - 2019-03-22 03:34 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-01-07 14:48 - 2019-03-19 01:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-07 14:15 - 2019-03-22 12:53 - 000000000 ____D C:\Users\MATROSKA\Downloads\produkey-x64
2020-01-07 02:02 - 2019-03-26 02:20 - 000000000 ____D C:\Users\MATROSKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-01-07 00:52 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-23 15:11 - 2019-08-26 21:03 - 000000000 ____D C:\Users\MATROSKA
2019-12-23 14:06 - 2019-07-23 03:20 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-22 15:19 - 2019-05-07 01:32 - 000000889 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2019-12-22 15:19 - 2019-05-07 01:32 - 000000889 _____ C:\ProgramData\Desktop\qBittorrent.lnk
2019-12-16 19:41 - 2019-03-26 02:33 - 000000000 ____D C:\Users\MATROSKA\AppData\Roaming\Origin
2019-12-16 19:41 - 2019-03-26 02:33 - 000000000 ____D C:\ProgramData\Origin
2019-12-16 19:41 - 2019-03-22 15:57 - 000000000 ____D C:\Blade
2019-12-16 19:40 - 2019-03-26 02:33 - 000000000 ____D C:\Users\MATROSKA\AppData\Local\Origin
2019-12-12 01:25 - 2019-08-26 21:23 - 000289616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-12 01:25 - 2019-03-25 23:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-12 01:25 - 2019-03-25 23:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-12 01:25 - 2019-03-22 11:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-12 01:25 - 2019-03-22 11:14 - 000000000 ___RD C:\Users\MATROSKA\3D Objects
2019-12-12 01:24 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-12 01:24 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 01:24 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-12 01:18 - 2019-03-22 03:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 01:16 - 2019-03-22 03:48 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-12 01:16 - 2019-03-19 01:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-11 01:35 - 2019-03-26 02:38 - 000000000 ____D C:\Origin
2019-12-11 01:06 - 2019-03-22 11:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Archivos en la raíz de algunos directorios ========

2019-03-26 02:29 - 2019-03-26 02:31 - 063392176 _____ (Electronic Arts) C:\Users\MATROSKA\OriginThinSetup(19).exe
2019-08-26 01:22 - 2019-09-04 02:09 - 000005632 _____ () C:\Users\MATROSKA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-12-23 22:43 - 2019-12-23 22:43 - 000004964 _____ () C:\Users\MATROSKA\AppData\Local\recently-used.xbel
2019-03-26 00:31 - 2019-06-27 00:53 - 000007601 _____ () C:\Users\MATROSKA\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Acá va la primera parte del Addition.txt:

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 08-01-2020
Ejecutado por MATROSKA (08-01-2020 20:51:31)
Ejecutado desde C:\Users\MATROSKA\Desktop
Windows 10 Pro Versión 1903 18362.535 (X64) (2019-08-27 00:28:35)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-2747003501-3174584430-2147103000-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2747003501-3174584430-2147103000-503 - Limited - Disabled)
Invitado (S-1-5-21-2747003501-3174584430-2147103000-501 - Limited - Disabled)
MATROSKA (S-1-5-21-2747003501-3174584430-2147103000-1000 - Administrator - Enabled) => C:\Users\MATROSKA
WDAGUtilityAccount (S-1-5-21-2747003501-3174584430-2147103000-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.18.0709.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.18.0709.1 - GIGABYTE)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
AIMP2 (HKLM-x32\...\AIMP2) (Version:  - AIMP DevTeam)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.7.4 - Advanced Micro Devices, Inc.)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.19.0704.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.19.0704.1 - GIGABYTE)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
AutoGreen (HKLM-x32\...\{CFB76B97-0C1C-4E1A-999A-DE62FA5FEB9A}) (Version: 1.17.0628.1 - GIGABYTE) Hidden
AutoGreen (HKLM-x32\...\InstallShield_{CFB76B97-0C1C-4E1A-999A-DE62FA5FEB9A}) (Version: 1.17.0628.1 - GIGABYTE)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BIOS Setup (HKLM-x32\...\{9D48202D-C767-40E7-8A4E-C14BD7328168}) (Version: 1.17.0621.1 - GIGABYTE) Hidden
BIOS Setup (HKLM-x32\...\InstallShield_{9D48202D-C767-40E7-8A4E-C14BD7328168}) (Version: 1.17.0621.1 - GIGABYTE)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 2.17.0816.1 - GIGABYTE)
calibre (HKLM-x32\...\{1AB14879-AF77-44C2-82A3-5A90C8102C06}) (Version: 3.42.0 - Kovid Goyal)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Cloud Station (Server) (HKLM-x32\...\{5D132D9D-2A99-48CF-9DCC-775DF6F31384}) (Version: 3.17.0816.1 - GIGABYTE) Hidden
Cloud Station (Server) (HKLM-x32\...\InstallShield_{5D132D9D-2A99-48CF-9DCC-775DF6F31384}) (Version: 3.17.0816.1 - GIGABYTE)
CloudStation (HKLM-x32\...\{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0025 - GIGABYTE) Hidden
CloudStation (HKLM-x32\...\InstallShield_{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0025 - GIGABYTE)
Color Temperature (HKLM-x32\...\{68BFE28B-3F55-4E00-90A4-5179B91A3BD0}) (Version: 2.17.0817.1 - GIGABYTE) Hidden
Color Temperature (HKLM-x32\...\InstallShield_{68BFE28B-3F55-4E00-90A4-5179B91A3BD0}) (Version: 2.17.0817.1 - GIGABYTE)
CORSAIR iCUE Software (HKLM-x32\...\{910AEE07-43C5-4AEA-B44B-95BED7FAF49C}) (Version: 3.18.77 - Corsair)
Dead Space™ 2 (HKLM-x32\...\{C549C2A2-574F-4ABC-933C-BD11D027C16A}) (Version: 1.0.941.0 - Electronic Arts)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Doomsday 2.1.1.2967 (HKLM\...\{D2A48C52-5EC4-430C-84BD-CC2B82D77F74}) (Version: 2.1.1.2967 - dengine.net)
EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.18.1005.1 - GIGABYTE) Hidden
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.18.1005.1 - GIGABYTE)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.18.1019.2 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.18.1019.2 - GIGABYTE)
Epic Games Launcher (HKLM-x32\...\{5D2C53C5-AA9C-493F-99B6-A8F458A62EAB}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Privacy Browser (HKU\S-1-5-21-2747003501-3174584430-2147103000-1000\...\Epic Privacy Browser) (Version: 71.0.3578.98 - Epic)
EZRAID  (HKLM-x32\...\{8F307CB5-FE1C-4BF3-8747-305D14161916}) (Version: 1.17.0913.1 - GIGABYTE) Hidden
EZRAID  (HKLM-x32\...\InstallShield_{8F307CB5-FE1C-4BF3-8747-305D14161916}) (Version: 1.17.0913.1 - GIGABYTE)
Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.18.0910.1 - GIGABYTE) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.18.0910.1 - GIGABYTE)
FormatFactory 4.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.7.0.0 - Free Time)
Game Boost (HKLM-x32\...\{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte) Hidden
Game Boost (HKLM-x32\...\InstallShield_{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte)
GIMP 2.10.12 (HKLM\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.0.32 - Intel Corporation)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Mega Codec Pack 14.8.8 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.8.8 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{e6edaf4d-f9a1-4023-be00-d6189343feb9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{246dcb72-b18c-4ab9-9de9-8a996296b01d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 es-AR) (HKLM\...\Mozilla Firefox 71.0 (x64 es-AR)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.1 - Mozilla)
nGlide 2.10 (HKLM-x32\...\nGlide) (Version: 2.10 - Zeus Software)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
OpenOffice 4.1.6 (HKLM-x32\...\{ABA77258-70D6-4A14-9AB7-3FA087C470DB}) (Version: 4.16.9790 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.56.33908 - Electronic Arts, Inc.)
Pandemonium (HKLM-x32\...\GOGPACKPANDEMONIUM_is1) (Version: 2.0.0.15 - GOG.com)
PCSX2 D3D11 Wrapper (HKLM\...\{47f790f9-15f6-4e44-97df-5ad76537e9e1}.sdb) (Version:  - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd)
PlatformPowerManagement (HKLM-x32\...\{7A6EB543-522C-4784-9DB5-4FC87522EBDF}) (Version: 1.18.0910.1 - GIGABYTE) Hidden
PlatformPowerManagement (HKLM-x32\...\InstallShield_{7A6EB543-522C-4784-9DB5-4FC87522EBDF}) (Version: 1.18.0910.1 - GIGABYTE)
qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.101.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8586 - Realtek Semiconductor Corp.)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.19.0308.1 - GIGABYTE)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.18.0918.1 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.18.0918.1 - GIGABYTE)
Smart Backup (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.17.0817.1 - GIGABYTE)
Smart TimeLock (HKLM-x32\...\{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 2.17.0817.1 - GIGABYTE) Hidden
Smart TimeLock (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 2.17.0817.1 - GIGABYTE)
SmartKeyboard (HKLM-x32\...\{75B74C36-A9C6-4912-B4BB-C461AA36D01E}) (Version: 1.17.0817.1 - GIGABYTE) Hidden
SmartKeyboard (HKLM-x32\...\InstallShield_{75B74C36-A9C6-4912-B4BB-C461AA36D01E}) (Version: 1.17.0817.1 - GIGABYTE)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{ffddf9dd-c47f-453a-92f5-ac6c98af8b5b}) (Version: 10.1.17968.8131 - Intel(R) Corporation)
Spider-man (HKLM-x32\...\Spider-Man) (Version:  - )
Spider-Man (tm) Movie (HKLM-x32\...\Spider-Man (tm) Movie) (Version:  - )
Spider-Man(TM) - El Reino de las Sombras 1.1 Patch (HKLM-x32\...\InstallShield_{9208F706-6528-4591-A997-F41395FBD8A7}) (Version:  - ) Hidden
Spider-Man(TM) - Web of Shadows 1.1 Patch (HKLM-x32\...\{9208F706-6528-4591-A997-F41395FBD8A7}) (Version: 1.1 - Activision) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subtitle Workshop 6.0b (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
TriDef 3D 7.4 (HKLM-x32\...\essentials-bundle) (Version: 7.4 - Dynamic Digital Depth Australia Pty Ltd)
UltraISO Premium V9.33 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.5.4 - CrystalIDEA Software, Inc.)
VTuner (HKLM-x32\...\{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.17.0817.1 - GIGABYTE) Hidden
VTuner (HKLM-x32\...\InstallShield_{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.17.0817.1 - GIGABYTE)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wireless Controller (HKLM-x32\...\{61A994FF-DF9B-4937-9DB9-87EC4FF1B31F}) (Version: 1.00.0000 - ShanWan)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-17] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-22] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-12-02] (Realtek Semiconductor Corp)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2747003501-3174584430-2147103000-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\MATROSKA\AppData\Local\Microsoft\OneDrive\19.123.0624.0005\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-2747003501-3174584430-2147103000-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\MATROSKA\AppData\Local\Microsoft\OneDrive\19.123.0624.0005\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-2747003501-3174584430-2147103000-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\MATROSKA\AppData\Local\Microsoft\OneDrive\19.123.0624.0005\amd64\FileSyncShell64.dll => Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1-x32: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP2\System\aimp_shell.dll [2009-03-06] (AIMP DevTeam) [Archivo no firmado]
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll [2019-05-09] (暇光软件科技(上海)有限公司 -> Free Time)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4-x32: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP2\System\aimp_shell.dll [2009-03-06] (AIMP DevTeam) [Archivo no firmado]
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll [2019-05-09] (暇光软件科技(上海)有限公司 -> Free Time)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\system32\huffyuv.dll [55296 2005-01-22] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [Archivo no firmado]

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2019-04-09 13:40 - 2019-04-09 13:40 - 000015872 _____ () [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libEGL.DLL
2019-04-09 13:40 - 2019-04-09 13:40 - 002786816 _____ () [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libGLESv2.dll
2019-07-12 14:02 - 2019-07-12 14:02 - 000204800 _____ () [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2019-07-12 13:57 - 2019-07-12 13:57 - 000101376 _____ () [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2019-06-25 16:12 - 2019-06-25 16:12 - 001864192 _____ () [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\AppCenter\BDR_info.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000017920 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 003598336 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\AppCenter\yccV2.dll
2018-04-20 18:45 - 2018-04-20 18:45 - 000080896 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\yccV2.dll
2014-07-30 19:56 - 2014-07-30 19:56 - 000208896 _____ (Gigabyte Technology CO., LTD.) [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\Smart TimeLock\slmDB.dll
2013-02-22 14:36 - 2013-02-22 14:36 - 000087040 _____ (Gigabyte Technology CO., LTD.) [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\Smart TimeLock\slmWeekCtrlRule.dll
2015-03-19 14:54 - 2015-03-19 14:54 - 000172032 _____ (Gigabyte Technology CO., LTD.) [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\Smart TimeLock\SmartLock.dll
2019-03-29 02:10 - 2019-02-21 13:00 - 000078336 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2019-05-30 12:55 - 2019-05-30 12:55 - 000090112 _____ (Silicon Laboratories, Inc.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2019-06-06 16:45 - 2019-06-06 16:45 - 001298944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LIBEAY32.dll
2019-06-06 16:45 - 2019-06-06 16:45 - 000281600 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ssleay32.dll
2019-04-10 20:30 - 2019-04-10 20:30 - 000081408 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\audio\qtaudio_wasapi.dll
2019-04-10 20:30 - 2019-04-10 20:30 - 000047104 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\audio\qtaudio_windows.dll
2019-04-09 13:48 - 2019-04-09 13:48 - 000025600 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qgif.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000034816 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qicns.dll
2019-04-09 13:48 - 2019-04-09 13:48 - 000025600 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qico.dll
2019-04-09 13:50 - 2019-04-09 13:50 - 000364032 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qjpeg.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000021504 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qsvg.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000019968 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtga.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000331776 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtiff.dll
2019-04-10 19:26 - 2019-04-10 19:26 - 000019456 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwbmp.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000414720 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwebp.dll
2019-04-09 13:50 - 2019-04-09 13:50 - 001192960 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\platforms\qwindows.dll
2019-04-09 13:42 - 2019-04-09 13:42 - 000024576 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Concurrent.dll
2019-07-12 14:40 - 2019-07-12 14:40 - 005087232 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Core.dll
2019-04-09 13:44 - 2019-04-09 13:44 - 005353984 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Gui.dll
2019-04-10 20:28 - 2019-04-10 20:28 - 000576512 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Multimedia.dll
2019-04-09 13:44 - 2019-04-09 13:44 - 001042944 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Network.dll
2019-04-10 20:14 - 2019-04-10 20:14 - 003359232 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Qml.dll
2019-04-10 20:09 - 2019-04-10 20:09 - 003181056 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Quick.dll
2019-04-10 20:56 - 2019-04-10 20:56 - 000142336 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QuickControls2.dll
2019-04-10 20:55 - 2019-04-10 20:55 - 000849920 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QuickTemplates2.dll
2019-04-10 20:27 - 2019-04-10 20:27 - 000326656 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Scxml.dll
2019-04-09 13:42 - 2019-04-09 13:42 - 000156672 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Sql.dll
2019-04-10 19:27 - 2019-04-10 19:27 - 000265728 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Svg.dll
2019-04-09 13:47 - 2019-04-09 13:47 - 004532224 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Widgets.dll
2019-04-10 20:40 - 2019-04-10 20:40 - 000444416 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5WinExtras.dll
2019-04-09 13:41 - 2019-04-09 13:41 - 000147456 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Xml.dll
2019-04-10 20:51 - 2019-04-10 20:51 - 000045568 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-04-10 20:51 - 2019-04-10 20:51 - 000056320 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-04-10 20:12 - 2019-04-10 20:12 - 000014848 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick.2\qtquick2plugin.dll
2019-04-10 20:58 - 2019-04-10 20:58 - 000456192 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-04-10 20:56 - 2019-04-10 20:56 - 000271360 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-10 20:13 - 2019-04-10 20:13 - 000072192 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-10 20:56 - 2019-04-10 20:56 - 000260608 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-04-10 20:12 - 2019-04-10 20:12 - 000014848 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Window.2\windowplugin.dll
2019-04-09 13:49 - 2019-04-09 13:49 - 000122880 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\styles\qwindowsvistastyle.dll
2019-07-28 22:36 - 2019-07-28 22:36 - 005999104 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 006413824 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 001141760 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000339968 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 004143104 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 003840000 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000113152 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000349184 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 080959488 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 005622272 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000463360 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000190464 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 002825216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2015-10-14 01:15 - 2015-10-14 01:15 - 002042368 _____ (TODO: <Company name>) [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\AppCenter\osvi.dll
2018-10-18 11:44 - 2018-10-18 11:44 - 002069504 _____ (TODO: <Company name>) [Archivo no firmado] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GbtNvGpuLib.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 23:34 - 2009-06-10 18:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2747003501-3174584430-2147103000-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MATROSKA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 200.45.191.35 - 200.45.48.233
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

Y acá va la segunda parte del Addition.txt:

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKU\S-1-5-21-2747003501-3174584430-2147103000-1000\...\StartupApproved\Run: => "Epic Privacy Browser Installer"
HKU\S-1-5-21-2747003501-3174584430-2147103000-1000\...\StartupApproved\Run: => "OneDrive"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{04396A3A-AC8A-489F-AC8C-3C4617E1F683}] => (Allow) LPort=9009
FirewallRules: [{3F39648D-D68E-42BC-9CB4-F5FEDD546863}] => (Allow) LPort=9009
FirewallRules: [{B3082EB2-F00D-4E8A-98BA-5FE37D0F7550}] => (Allow) LPort=9009
FirewallRules: [{D8708B53-64A9-479C-8C8F-6EF9D091C537}] => (Allow) LPort=9009
FirewallRules: [{9CEBCDB2-5F7F-4A2D-9AB4-094FB12C707A}] => (Allow) LPort=9009
FirewallRules: [{B10C9984-DFBB-405C-BEA2-D3F475D5E655}] => (Allow) LPort=9009
FirewallRules: [{D9E6A2E1-9FC9-4D91-92DD-0FD59E27BF48}] => (Allow) LPort=9009
FirewallRules: [{8D9BA7F6-410C-4D10-BFD7-1453A3E05A89}] => (Allow) LPort=9009
FirewallRules: [{CCE36DA0-B27F-4B0D-8F0C-89C1661E8D90}] => (Allow) LPort=9009
FirewallRules: [{F5A8A36A-4487-46DE-A10D-1FF7BC1241F2}] => (Allow) LPort=9009
FirewallRules: [{B0B01269-05A7-4925-9B73-9C654E71A147}] => (Allow) LPort=9009
FirewallRules: [{60C4004D-51B9-4985-9415-E3AFC24A4778}] => (Allow) LPort=9009
FirewallRules: [{AEA800B4-A95B-491A-857A-F635832A02BD}] => (Allow) LPort=9009
FirewallRules: [{82EEB0F1-1552-4F0D-9DC4-34CDB50A0D11}] => (Allow) LPort=9009
FirewallRules: [{E8BCC7A8-BF16-4B4B-B4E3-D08F3C006E7A}] => (Allow) LPort=9009
FirewallRules: [{61ABFC41-8418-48A9-8A35-3597E402DF00}] => (Allow) LPort=9009
FirewallRules: [{887744E6-5F76-475F-9C9F-04A4491EC5A9}] => (Allow) LPort=9009
FirewallRules: [{F1B65F5C-49CC-4723-93E4-5B3BE6DF6486}] => (Allow) LPort=9009
FirewallRules: [{2DEED033-7046-4320-B6A8-EDC6D92AAB6B}] => (Allow) LPort=9009
FirewallRules: [{804F1439-5AC8-45E6-A796-E12C8ACED4E9}] => (Allow) LPort=9009
FirewallRules: [{3C1A9732-B37F-4E77-9753-56ADF0E8D93E}] => (Allow) LPort=9009
FirewallRules: [{12A6D046-5C5E-4597-A688-5818F2A98E8A}] => (Allow) LPort=9009
FirewallRules: [{D1929C51-2450-4EC8-886A-E999A3F12943}] => (Allow) LPort=9009
FirewallRules: [{9B27EDDE-729B-4CED-86FB-7A88775E5F5A}] => (Allow) LPort=9009
FirewallRules: [{044F8A57-B89E-4903-BC76-8D7396A75512}] => (Allow) LPort=9009
FirewallRules: [{F5847544-8ED8-4A55-BE9B-C9B6985329AD}] => (Allow) LPort=9009
FirewallRules: [{E204FBD3-9806-4CC6-B4D5-34956335CEE5}] => (Allow) LPort=9009
FirewallRules: [{270AC9E7-D327-42F6-9FF7-DCC5046E5502}] => (Allow) LPort=9009
FirewallRules: [{8512E366-E56F-4650-A067-FED4A9E831DF}] => (Allow) LPort=9009
FirewallRules: [{3A1B2268-8D76-492D-B442-E826233BF030}] => (Allow) LPort=9009
FirewallRules: [{82C79833-0CC3-45CB-8310-57A565A7E7D2}] => (Allow) LPort=9009
FirewallRules: [{DB28F0FE-B89D-4D0C-BB99-5A9974EAFC74}] => (Allow) LPort=9009
FirewallRules: [{77E97122-1A6F-4EDF-AEB5-1464C195E1D3}] => (Allow) LPort=9009
FirewallRules: [{56727DA7-1705-42F5-96DB-CE9918EF36EA}] => (Allow) LPort=9009
FirewallRules: [{5F4D5B91-75DE-409F-8292-932BB1A36EDF}] => (Allow) LPort=9009
FirewallRules: [{17DC4AF1-4F37-4E10-B5E3-0CD7543802B8}] => (Allow) LPort=9009
FirewallRules: [{CE0A62AB-446C-44CC-AB67-300666BCFEF3}] => (Allow) LPort=9009
FirewallRules: [{3D155293-1728-42D5-B543-ABB36BB0CA0F}] => (Allow) LPort=9009
FirewallRules: [{0BFABB29-7A52-474B-A937-3B9715ADFF83}] => (Allow) LPort=9009
FirewallRules: [{9DE53349-DA84-4F16-9C32-F4749F330869}] => (Allow) LPort=9009
FirewallRules: [{19E2C5F3-EDF5-476F-B6D9-94B3E93671EE}] => (Allow) LPort=9009
FirewallRules: [{BF22ED4F-C308-4349-BF1B-026EB4A4E510}] => (Allow) LPort=9009
FirewallRules: [{F31A76CB-A290-461C-9678-DA33DBADD99D}] => (Allow) LPort=9009
FirewallRules: [{7F8D3C2C-C859-401A-A921-2F9EAB17D19D}] => (Allow) LPort=9009
FirewallRules: [{366B2C2F-96AB-4DF4-9F78-83F40E2AADF4}] => (Allow) LPort=9009
FirewallRules: [{70603756-A437-4AB1-8328-CE1664C22DEC}] => (Allow) LPort=9009
FirewallRules: [{442D070D-0FBD-45E1-ADAA-5126600ADD58}] => (Allow) LPort=9009
FirewallRules: [{DF8BCCA7-1C44-4419-A069-38A6D72CEC3A}] => (Allow) LPort=9009
FirewallRules: [{ABFC698C-E0F7-42A6-ABA5-FCCCFC413EBD}] => (Allow) LPort=9009
FirewallRules: [{9E1F2CF1-64F6-4F1A-A0FE-0EED38A99642}] => (Allow) LPort=9009
FirewallRules: [{AF56A74A-D812-44AC-A200-7E99D60EF9B0}] => (Allow) LPort=9009
FirewallRules: [{677A0D2A-F308-4286-A0E7-0ED0E6F3ECF8}] => (Allow) C:\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{0232D505-BD0D-4E49-B069-B5F62B1D9D58}] => (Allow) C:\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{66CD3F2C-00D8-43F6-B83A-168FE5CA0E4E}] => (Allow) LPort=9009
FirewallRules: [{05431118-AFC0-4A1C-B203-94234EF6700D}] => (Allow) LPort=9009
FirewallRules: [{4CC11C17-E234-4291-9621-EB89EC7B21C1}] => (Allow) LPort=9009
FirewallRules: [{17703811-B6F4-439C-B21B-5F2957C77556}] => (Allow) LPort=9009
FirewallRules: [{6D2D984F-4229-4373-A388-44D474DE68EE}] => (Allow) LPort=9009
FirewallRules: [{BE4F3E7E-DC5B-4D30-BDF9-2C3F0C6FF710}] => (Allow) LPort=9009
FirewallRules: [{1D7D5E15-6E9B-4A87-8956-05C4A1717943}] => (Allow) LPort=9009
FirewallRules: [{B15D5103-FAC2-4A1E-ADA9-EE3C8E97498F}] => (Allow) LPort=9009
FirewallRules: [{D5D2EC1A-79B0-4165-AB0D-F70A4279A428}] => (Allow) LPort=9009
FirewallRules: [{6103707C-FCB0-4D48-811A-656B5CB54F75}] => (Allow) LPort=9009
FirewallRules: [{6FFC5A14-4A63-478A-B446-EDF59D8CAE35}] => (Allow) LPort=9009
FirewallRules: [{131142D7-5937-4B6A-B8B1-8CD912D148E8}] => (Allow) LPort=9009
FirewallRules: [{AD651378-31B5-4156-B460-D575C5AB0DCC}] => (Allow) LPort=9009
FirewallRules: [{A1488854-7CD4-4D38-AF2F-5B9096FA0DB9}] => (Allow) LPort=9009
FirewallRules: [{8C990DBE-FF48-4073-94B1-FDFDAC208F71}] => (Allow) LPort=9009
FirewallRules: [{4CC926CB-4BD6-4773-AB4E-8F4516513C17}] => (Allow) LPort=9009
FirewallRules: [{CEB021A2-9769-4746-9F2E-EE2741E5F75B}] => (Allow) LPort=9009
FirewallRules: [{06B9AA22-E79B-486B-BCD0-2C296B431EFD}] => (Allow) LPort=9009
FirewallRules: [{81E66CA0-1465-465E-98D3-EFD9A9ECB8BB}] => (Allow) LPort=9009
FirewallRules: [{8BEBB5AA-1CEC-4A77-803A-B71070E1B85D}] => (Allow) LPort=9009
FirewallRules: [{CF7EC9BA-96FF-4BB2-B41C-3D759CB2E8CF}] => (Allow) LPort=9009
FirewallRules: [{DD3E3C85-0CBB-4FD1-8E23-5C714FEEF826}] => (Allow) LPort=9009
FirewallRules: [{6025B484-0DF9-432C-8A3C-76AC83C3F3EA}] => (Allow) LPort=9009
FirewallRules: [{C7DEDDF5-544D-4856-92F8-CDCF5C5CCBB8}] => (Allow) LPort=9009
FirewallRules: [{9F0CCDE3-3CDD-454A-B5FD-67339069821F}] => (Allow) LPort=9009
FirewallRules: [{DA78A162-6A31-461D-8C90-6485AF37DBFF}] => (Allow) LPort=9009
FirewallRules: [{CE7BEB07-9A36-4811-B266-063B94D68C17}] => (Allow) LPort=9009
FirewallRules: [{2210BE1E-6457-409A-8BBF-BE3AD454C39F}] => (Allow) LPort=9009
FirewallRules: [{54961791-3320-4F46-B9DD-B1CE2C224DE1}] => (Allow) LPort=9009
FirewallRules: [{6F43F7F3-B72D-4633-9B2A-DEFCA501F227}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{0A8C8528-F486-4FCE-9103-4BA757F80F95}C:\steam\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe (Focus Home Interactive -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C96F5333-D210-44F0-9151-E9288CB3AA7F}C:\steam\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe (Focus Home Interactive -> Epic Games, Inc.)
FirewallRules: [{38B0CABF-AE4C-4435-B61F-7B2CCEAB4721}] => (Allow) C:\Steam\steamapps\common\Styx Shards of Darkness\Styx2.exe (Focus Home Interactive -> )
FirewallRules: [{744C9B1F-D494-467A-BD4D-BB8269DB2376}] => (Allow) C:\Steam\steamapps\common\Styx Shards of Darkness\Styx2.exe (Focus Home Interactive -> )
FirewallRules: [{102537DE-ACA5-485B-A894-FBA194E58671}] => (Allow) LPort=9009
FirewallRules: [{DF18E40A-28F8-49DF-86A8-707CABA3BC6A}] => (Allow) LPort=9009
FirewallRules: [{666E9F41-5812-4EF0-8BA3-86145D10BE6F}] => (Allow) LPort=9009
FirewallRules: [{CF35F9D6-3155-49F8-8646-2CC42C31FC06}] => (Allow) LPort=9009
FirewallRules: [{229D6BA5-4409-4B79-B904-8C0E4339D8E9}] => (Allow) LPort=9009
FirewallRules: [{8AF003CF-4ACC-4037-A1B9-E47E22A20895}] => (Allow) LPort=9009
FirewallRules: [{BA627571-3539-4116-9CD5-94DFF2D7CBD8}] => (Allow) LPort=9009
FirewallRules: [{03D36786-D79C-4948-85EA-6B999EF88063}] => (Allow) LPort=9009
FirewallRules: [{8E009C27-BCC8-4CE1-9BF6-CCA3252BB55B}] => (Allow) LPort=9009
FirewallRules: [{F2755EDD-12BD-46EC-A4C2-0EC409BBBF1F}] => (Allow) LPort=9009
FirewallRules: [{03902B29-661B-482E-8396-72928905CAE1}] => (Allow) LPort=9009
FirewallRules: [{85559ECF-521A-40F8-B9A7-4EBC29EB8BE1}] => (Allow) LPort=9009
FirewallRules: [{FA47A6D7-D18A-40DA-A2F5-275808962E8D}] => (Allow) LPort=9009
FirewallRules: [{8A178910-7BD4-4A63-85CB-B59B4412B43E}] => (Allow) LPort=9009
FirewallRules: [{99BAB08D-48BE-4DB6-96D6-A2DC11B3FEA7}] => (Allow) LPort=9009
FirewallRules: [{38D7939A-7719-4AD5-9281-A10B03505A1B}] => (Allow) LPort=9009
FirewallRules: [{6AEB30A2-7213-4E8B-BA2A-2BAC1613E8FF}] => (Allow) LPort=9009
FirewallRules: [{D50BA0E8-44F7-4AEF-9205-5CCAEF5E795D}] => (Allow) LPort=9009
FirewallRules: [{E364DF7D-A8C3-4EFC-8875-66EAE836C180}] => (Allow) LPort=9009
FirewallRules: [{6335DC02-4CE6-4EFB-B318-AA9C7A5A4226}] => (Allow) LPort=9009
FirewallRules: [{91C0C128-D7A4-44F0-8526-BFAD7CB00A90}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{746E1D96-5202-411D-9F8A-A2103FEF7CA0}C:\program files\doomsday 2.1.1\bin\doomsday.exe] => (Allow) C:\program files\doomsday 2.1.1\bin\doomsday.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{16A7F79E-6E75-456E-9578-D71722E916DE}C:\program files\doomsday 2.1.1\bin\doomsday.exe] => (Allow) C:\program files\doomsday 2.1.1\bin\doomsday.exe () [Archivo no firmado]
FirewallRules: [{2FD5F25A-7A8D-4A5A-B0B8-B806E86F9E8B}] => (Allow) C:\Steam\steamapps\common\Hexen Deathkings of the Dark Citadel\base\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{5238C58E-E8A4-445E-BE51-EF14184317E5}] => (Allow) C:\Steam\steamapps\common\Hexen Deathkings of the Dark Citadel\base\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{4391A04F-C0B6-4E69-8B76-66AC9026F923}] => (Allow) C:\Steam\steamapps\common\Hexen\base\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{87D945D5-3EBF-47F1-97C1-327D94E7AF99}] => (Allow) C:\Steam\steamapps\common\Hexen\base\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{F2CB26CE-26F5-4168-BF01-06AA3C08233D}] => (Allow) LPort=9009
FirewallRules: [{973DFFD4-55CE-4C24-904A-CA575E674236}] => (Allow) LPort=9009
FirewallRules: [{885ADD99-6D06-4857-9E25-3084651A5DFD}] => (Allow) LPort=9009
FirewallRules: [{F2C0ABBC-0D14-493D-93EC-D33B1EB836E2}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{CD3A9434-3C55-4049-8710-E5DF60565E1E}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{29C052E4-E250-4E8D-A891-1DA44D5EE5C8}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{8F8D9227-71C2-4473-B886-79B91E405EC0}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{2EC238EA-DD14-4936-9867-5968EFA1B4CE}] => (Allow) LPort=9009
FirewallRules: [{336B0507-F276-49A9-9231-9EF65ACEA967}] => (Allow) LPort=9009
FirewallRules: [{4E65328C-677E-4D34-9221-C30BE3B01103}] => (Allow) LPort=9009
FirewallRules: [{374F5A4F-7E8C-4175-B14C-9B910AAD85CA}] => (Allow) LPort=9009
FirewallRules: [{DE49B6C0-943C-46D7-A433-D6F2C09C919E}] => (Allow) LPort=9009
FirewallRules: [{6999528D-56A1-43D3-83E8-465FFE224370}] => (Allow) LPort=9009
FirewallRules: [{48D0EA58-D6D9-4A96-B3B5-F3CB2EFB9B07}] => (Allow) LPort=9009
FirewallRules: [{7C111C9C-B768-4542-8B1B-50B759ED931F}] => (Allow) LPort=9009
FirewallRules: [{1CC20D00-0EA9-4BAF-9103-5D5C87BC223E}] => (Allow) LPort=9009
FirewallRules: [{3D084D97-EDC0-483E-82E7-58E3CF47BB12}] => (Allow) LPort=9009
FirewallRules: [{2A44C16B-6877-4249-85F6-3CA3D865EA6E}] => (Allow) LPort=9009
FirewallRules: [{921B4351-BBBD-49AC-94FE-B178A64270AD}] => (Allow) LPort=9009
FirewallRules: [{4F3CA5CB-6037-4843-B726-9AB86B9971EB}] => (Allow) LPort=9009
FirewallRules: [{B074F16D-73AF-4B67-92F8-1907BE836DA0}] => (Allow) LPort=9009
FirewallRules: [{E81CA265-EF23-40EF-8325-AF5CAFCB136F}] => (Allow) LPort=9009
FirewallRules: [{611DF720-F8E8-4E49-9E2B-E22DAB74551C}] => (Allow) LPort=9009
FirewallRules: [{BDE559EB-91B7-4B65-B92E-1501269E45EA}] => (Allow) LPort=9009
FirewallRules: [{08C4447D-E6D9-4B90-9342-CA0EC4D73B4B}] => (Allow) LPort=9009
FirewallRules: [{DAEAEF2A-E366-4758-9D9A-DD19D0EBB9D7}] => (Allow) LPort=9009
FirewallRules: [{C84F33C2-DB26-4EF5-A500-B3A7E36739DA}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{A9D70739-E3D0-4A0F-ACD7-066B4BE1844F}C:\viewpower2.14\jre\bin\javaw.exe] => (Allow) C:\viewpower2.14\jre\bin\javaw.exe Ningún archivo
FirewallRules: [TCP Query User{915457C4-4E96-4CB0-8EC9-4CF664F13929}C:\viewpower2.14\jre\bin\javaw.exe] => (Allow) C:\viewpower2.14\jre\bin\javaw.exe Ningún archivo
FirewallRules: [{644A3C7F-1337-4478-92CF-B3923A74429A}] => (Allow) LPort=9009
FirewallRules: [{78153F56-64DA-45E6-AB3E-C62A384C49D6}] => (Allow) LPort=9009
FirewallRules: [{481A44AA-2F69-4D04-8F66-666E839D523E}] => (Allow) LPort=9009
FirewallRules: [{D23BDFD4-E636-4E62-B569-B2DB61C9F01B}] => (Allow) LPort=9009
FirewallRules: [{A6CC3467-48C2-4F4C-9B11-81FA0A248DFD}] => (Allow) LPort=9009
FirewallRules: [{E043848C-ABBE-45B9-9529-4715BA25E00C}] => (Allow) LPort=9009
FirewallRules: [{FA14ABF5-8357-4527-AB89-144DB61AC68A}] => (Allow) LPort=9009
FirewallRules: [{3567C947-4543-4972-8309-B97C2145F3BD}] => (Allow) LPort=9009
FirewallRules: [{23627EC7-7341-42B3-9C5E-203CA8542CC0}] => (Allow) LPort=9009
FirewallRules: [{3B8661DA-9B01-41B4-94B5-AAEE00879E63}] => (Allow) LPort=9009
FirewallRules: [{A152B194-B64C-4B54-AF4C-DE481E772E4A}] => (Allow) LPort=9009
FirewallRules: [{ED08E9F5-97A6-4CC0-82EB-C2A482A12080}] => (Allow) LPort=9009
FirewallRules: [{F693E5C9-5284-4DF2-80F3-3CE9D7128B8F}] => (Allow) LPort=9009
FirewallRules: [{24C903FB-9082-42B7-8AFA-F72C2C6D7DB3}] => (Allow) LPort=9009
FirewallRules: [{10484636-7CB9-4659-83F9-970898EED4AA}] => (Allow) LPort=9009
FirewallRules: [{AB2C242B-557C-405F-9050-7CAD65345B4C}] => (Block) C:\Programas Liberados\Spiderman Web Of Shadows\image\pc\Spider-Man Web of Shadows.exe Ningún archivo
FirewallRules: [{5F51A5CC-F4D7-46E1-B20E-7CF8C35A0053}] => (Block) C:\Programas Liberados\Spiderman Web Of Shadows\image\pc\Spider-Man Web of Shadows.exe Ningún archivo
FirewallRules: [{9A9E1DB0-8279-4112-BBE4-EEA66F1CC7E5}] => (Allow) LPort=9009
FirewallRules: [{3FA4D4C1-8081-4861-80AF-C4CB822474BA}] => (Allow) LPort=9009
FirewallRules: [{EE6168BA-14B9-4182-B9DC-1FABF4136677}] => (Allow) LPort=9009
FirewallRules: [{E4E83997-F052-417A-A84D-48D9A20E8811}] => (Allow) LPort=9009
FirewallRules: [{F3ABA849-3A87-429A-943C-E6026DABC953}] => (Allow) LPort=9009
FirewallRules: [{D9798FD0-3E18-4E3F-A724-97523BCB772F}] => (Allow) LPort=9009
FirewallRules: [{1E53B752-240B-442E-A485-42B825B676C7}] => (Allow) LPort=9009
FirewallRules: [{496BB70E-D65B-4DD0-92B6-5FA1C3421D86}] => (Allow) LPort=9009
FirewallRules: [{B3925EDE-0EFE-4023-8159-4585CD0F4079}] => (Allow) LPort=9009
FirewallRules: [{10A78F8E-5663-4246-857A-AAFBB3A98B56}] => (Allow) LPort=9009
FirewallRules: [{33E6F14F-D17C-48F1-A17F-96348B3B5A4F}] => (Allow) LPort=9009
FirewallRules: [{F60ADDAE-AD83-4BB5-B0DF-28695A738A0D}] => (Allow) LPort=9009
FirewallRules: [{CEBA8D95-52B5-4898-838F-799AC47322B3}] => (Allow) LPort=9009
FirewallRules: [{7DF60928-2400-4A92-ACF9-ACCD12A407CA}] => (Allow) LPort=9009
FirewallRules: [{86B32601-2B73-4B58-9D81-9D7908E94DA7}] => (Allow) LPort=9009
FirewallRules: [{8841EA2E-DFFC-44AC-A3C6-4D767910574F}] => (Allow) LPort=9009
FirewallRules: [{40028864-ED01-49BB-BB8D-A21FFE199353}] => (Allow) LPort=9009
FirewallRules: [{F57D0572-F652-42BB-9A5C-B996490EECDD}] => (Allow) LPort=9009
FirewallRules: [{59B3ACBB-0EA9-4BE4-AC11-D010F9D84929}] => (Allow) LPort=9009
FirewallRules: [{1A13320D-DD6E-4432-B972-59B8F599E892}] => (Allow) LPort=9009
FirewallRules: [{059C8181-C9D1-4805-A569-D26AB0788BF0}] => (Allow) LPort=9009
FirewallRules: [{631672A7-63F5-4387-B6BE-D0CC69E1C4F1}] => (Allow) LPort=9009
FirewallRules: [{50EE6227-C726-4E7C-A7B8-F15A2753E122}] => (Allow) LPort=9009
FirewallRules: [{C9F0B400-CCA6-4D9B-A95E-C17E319A32DF}] => (Allow) LPort=9009
FirewallRules: [{EAB7EEB1-9EB1-4D54-BE52-B78F26E833B3}] => (Allow) LPort=9009
FirewallRules: [{A513874E-473A-4C2D-9B9F-BB1318F9D0F5}] => (Allow) LPort=9009
FirewallRules: [{4A9D218C-15BE-4CF1-B67A-74325328EA69}] => (Allow) LPort=9009
FirewallRules: [{5479730F-25E1-4D4B-A92A-B25BEF08C3CC}] => (Allow) LPort=9009
FirewallRules: [{CADE29A0-B645-4F58-AEBE-A356D03990BC}] => (Allow) LPort=9009
FirewallRules: [{2FE770D6-EAC2-4475-8C4D-50E6C59F5F60}] => (Allow) LPort=9009
FirewallRules: [{EEAE7738-B745-40EA-ADF9-423BBF444CB8}] => (Allow) LPort=9009
FirewallRules: [{66CADD3C-3A48-4036-AAE2-8337B36FAF83}] => (Allow) LPort=9009
FirewallRules: [{5F873209-D422-41AB-8542-4182FB069B90}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5C5B2706-96A4-4913-8397-77D0BEB8173B}] => (Allow) C:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{670C22E6-8081-4FAD-A12E-98A6A6940702}] => (Allow) LPort=9009
FirewallRules: [{4C755FCD-0A69-4A7C-AF68-F700020A8EC3}] => (Allow) LPort=9009
FirewallRules: [{D4BE2DB4-1476-4D7A-9B64-35653B9D9176}] => (Allow) LPort=9009
FirewallRules: [{B750F82E-A746-4F2F-9FF5-D1ABF8998FCD}] => (Allow) LPort=9009
FirewallRules: [{A7F38712-49D0-42F5-A0A8-39369C8D5F9E}] => (Allow) LPort=9009
FirewallRules: [{C83606E2-7601-4438-B45C-D48396EC5B56}] => (Allow) LPort=9009
FirewallRules: [{B3CD3D7F-DC83-418A-BE8A-9FED1F75E517}] => (Allow) LPort=9009
FirewallRules: [{A8A32606-6A05-4AF4-A7EF-554662C12F71}] => (Allow) LPort=9009
FirewallRules: [{4212E73D-6FB6-426E-9640-024B8176C1BC}] => (Allow) LPort=9009
FirewallRules: [{E5890D6C-C8B6-4C37-96F9-A4A31AD04356}] => (Allow) LPort=9009
FirewallRules: [{C5FDE76D-D8C7-402B-95A4-AC46E8E2BAAC}] => (Allow) LPort=9009
FirewallRules: [{19441D57-8F08-4019-95A5-6CCF2F2B6351}] => (Allow) LPort=9009
FirewallRules: [{8DDDD79A-029E-4EF9-8A59-C5F3169241DB}] => (Allow) LPort=9009
FirewallRules: [{A1539D02-33A7-4B5F-9037-34E13DB766F3}] => (Allow) LPort=9009
FirewallRules: [{FD9E2DC3-ED16-4337-B8F1-D74C2B855A15}] => (Allow) LPort=9009
FirewallRules: [{99FD8ADF-19AD-4B13-A779-A955241EFDC4}] => (Allow) C:\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe Ningún archivo
FirewallRules: [{99B5B815-F9A4-4680-8C7B-70CE2ADBF25E}] => (Allow) C:\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe Ningún archivo
FirewallRules: [{2D530131-BB52-43A7-A48C-11B9756838A2}] => (Allow) LPort=9009
FirewallRules: [{58AE7557-E2F0-453B-98D9-A755AD52ADDC}] => (Allow) LPort=9009
FirewallRules: [{2AA611B2-5C72-4E6B-A946-FD40635FB004}] => (Allow) LPort=9009
FirewallRules: [{CD0F5C6D-22AF-4D24-940D-430222DB68C9}] => (Allow) LPort=9009
FirewallRules: [{2AA9C463-5963-4651-BA00-5BD3C0D2B95C}] => (Allow) LPort=9009
FirewallRules: [{4FDDB582-EADB-40CA-A2F3-B5937DB955DA}] => (Allow) LPort=9009
FirewallRules: [{D6D7A350-B96F-43CA-8322-B5E339E6D23C}] => (Allow) LPort=9009
FirewallRules: [{A1CAAA26-3003-4B32-94DE-C581DF91ED2A}] => (Allow) LPort=9009
FirewallRules: [{9D6166E0-DBF1-4CB9-BBC4-EA85485A89D0}] => (Allow) LPort=9009
FirewallRules: [{78637EC5-C8B4-4C09-BC14-88F044AE2B8A}] => (Allow) LPort=9009
FirewallRules: [{E33F4764-A3C5-4369-BE27-03B37BD0950C}] => (Allow) LPort=9009
FirewallRules: [{0211421C-EF34-4088-A454-55503B2857C1}] => (Allow) LPort=9009
FirewallRules: [{26662AC1-DDAE-43EC-8FEA-71D17A615A9C}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{B1F430E7-36A7-4C19-8995-4E4BEEA97C66}C:\juegos blizzard\diablo iii\starcraft ii\versions\base72282\sc2_x64.exe] => (Allow) C:\juegos blizzard\diablo iii\starcraft ii\versions\base72282\sc2_x64.exe Ningún archivo
FirewallRules: [TCP Query User{CA358956-1661-4688-8A7C-C447588C4896}C:\juegos blizzard\diablo iii\starcraft ii\versions\base72282\sc2_x64.exe] => (Allow) C:\juegos blizzard\diablo iii\starcraft ii\versions\base72282\sc2_x64.exe Ningún archivo
FirewallRules: [UDP Query User{BBBEAC43-9F01-48F9-9264-FC354AA343D3}C:\juegos blizzard\diablo iii\diablo iii\x64\diablo iii64.exe] => (Allow) C:\juegos blizzard\diablo iii\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{501425BA-12F4-410B-B8F5-A68B91DEB238}C:\juegos blizzard\diablo iii\diablo iii\x64\diablo iii64.exe] => (Allow) C:\juegos blizzard\diablo iii\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{2B1FCF3F-BC8A-4832-9A48-DA6C1067266B}] => (Allow) LPort=9009
FirewallRules: [{66F514F3-19EF-4AB1-B503-69DD643E8A3C}] => (Allow) LPort=9009
FirewallRules: [{C8275F39-792C-4AA5-80EB-B6DE6E746DC7}] => (Allow) LPort=9009
FirewallRules: [{ACC87BA3-E65D-4B3D-9D6B-D211231E0630}] => (Allow) LPort=9009
FirewallRules: [{2A3CFC6E-8147-455D-96EB-C03334C8B798}] => (Allow) LPort=9009
FirewallRules: [{8F870C12-B877-47E6-AC33-336CA2FC3CCD}] => (Allow) LPort=9009
FirewallRules: [{0B3ACD8D-16E7-4A13-8520-ECE1AD5F72B9}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{FBA7B5FB-0816-44AD-A037-7E4D02B3DF2F}D:\blade iii\nintendo 3ds\citra-windows-mingw-20190324-c1de8ac\citra-qt.exe] => (Block) D:\blade iii\nintendo 3ds\citra-windows-mingw-20190324-c1de8ac\citra-qt.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{5B8C009F-B190-4B8A-885D-5C7A52783353}D:\blade iii\nintendo 3ds\citra-windows-mingw-20190324-c1de8ac\citra-qt.exe] => (Block) D:\blade iii\nintendo 3ds\citra-windows-mingw-20190324-c1de8ac\citra-qt.exe () [Archivo no firmado]
FirewallRules: [{3A312114-2125-4BF5-AA23-84E4B8AD86F0}] => (Allow) LPort=9009
FirewallRules: [{4FBE7F2B-841B-4F07-BB5E-40EC7A92D19D}] => (Allow) LPort=9009
FirewallRules: [{8AB97536-9F5E-408E-8194-0306ECE1BAB3}] => (Allow) C:\Steam\steamapps\common\Hitman Absolution\HMA.exe (Valve Corp. -> ) [Archivo no firmado]
FirewallRules: [{E552751F-7C99-48C3-82F2-B2B13D5F125F}] => (Allow) C:\Steam\steamapps\common\Hitman Absolution\HMA.exe (Valve Corp. -> ) [Archivo no firmado]
FirewallRules: [{288D2A6A-6A59-4D6C-9FD9-2F4C4BAB21A2}] => (Allow) LPort=9009
FirewallRules: [{6ACD0E94-3A48-4647-84C8-51F79D262521}] => (Allow) LPort=9009
FirewallRules: [{FFDD5F8E-EA5F-4CD3-A5FD-611468FA16D1}] => (Allow) C:\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{45CAEBF8-EB67-4F80-B534-67C9D19722BE}] => (Allow) C:\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{E4C2A3F4-B109-4ABA-BBD6-183AB4145A03}] => (Allow) C:\Origin Games\Dead Space 2\deadspace2.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{C3B1DD3F-B53B-4A45-82C0-5D9B397E4FC4}] => (Allow) C:\Origin Games\Dead Space 2\deadspace2.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{4DE40E44-ADC8-405C-8DA8-5DF32C89094B}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{C8B9A4A0-57CD-4F3B-B48C-9877307EA83F}D:\blade iii\wii u\citra-windows-mingw-20190324-c1de8ac\citra-qt.exe] => (Block) D:\blade iii\wii u\citra-windows-mingw-20190324-c1de8ac\citra-qt.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{30460ED3-4D9A-4D0F-9D00-23C3540436AD}D:\blade iii\wii u\citra-windows-mingw-20190324-c1de8ac\citra-qt.exe] => (Block) D:\blade iii\wii u\citra-windows-mingw-20190324-c1de8ac\citra-qt.exe () [Archivo no firmado]
FirewallRules: [{A163E052-5582-460E-96F3-F47B732ECDCA}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe Ningún archivo
FirewallRules: [{A32BC72D-ADE9-4490-9095-1334CF6F0C7D}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe Ningún archivo
FirewallRules: [{A93D9BE1-F902-4E77-A30C-2D73E1FBF11D}] => (Allow) C:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9B047F70-CEF8-4282-A68B-3B49C274D123}] => (Allow) C:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AC66EB35-BE64-4E59-8411-CF4C2FEC80D0}] => (Allow) C:\Users\MATROSKA\AppData\Local\Epic Privacy Browser\Application\epic.exe (Hidden Reflex Authors) [Archivo no firmado]
FirewallRules: [{ECAFEF4C-6736-449C-B8EB-86B510FA0F8D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{48C398E2-09C3-4330-953A-4A9FF1496631}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EEDAF52C-8F40-44D9-8E33-3887747857D7}] => (Allow) LPort=9009
FirewallRules: [{A68D14E2-78A2-454C-8B0B-4118CB695B18}] => (Allow) LPort=9009
FirewallRules: [{BA83D158-6C4F-48F2-8235-E112765A4C0B}] => (Allow) LPort=9009
FirewallRules: [{03239121-7491-4469-8C59-C2182969B5A7}] => (Allow) LPort=9009
FirewallRules: [{28041FD3-F9A0-4A8F-9EDB-E81125CAEA10}] => (Allow) LPort=9009
FirewallRules: [{6AD50F62-BD43-4C69-8A16-E8DC16A4D245}] => (Allow) LPort=9009
FirewallRules: [{3DE6CA1E-C79E-4622-BECF-4CCC95E7FE91}] => (Allow) LPort=9009
FirewallRules: [{3518F2AE-A5BD-4483-A65B-2DFCB38E13B3}] => (Allow) LPort=9009
FirewallRules: [UDP Query User{91568557-BD38-4D2A-BE2E-BF66043923D6}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
FirewallRules: [TCP Query User{0A66C687-3E69-4876-BDE0-0A33E02E0E76}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
FirewallRules: [{27DA69C2-43B6-4809-9804-25DF998DA7A0}] => (Allow) LPort=9009
FirewallRules: [{191D8E9B-84C0-40EA-80C7-5F4D27F17B2C}] => (Allow) LPort=9009
FirewallRules: [{FD1A11B6-0E34-46F1-8F53-A85E1673E850}] => (Allow) LPort=9009
FirewallRules: [{5C5399A0-95BE-4B23-BB89-E32FE5980921}] => (Allow) LPort=9009
FirewallRules: [{CBCF7636-590C-401C-8F01-ECDE7A115101}] => (Allow) LPort=9009
FirewallRules: [{FB0A2215-1170-495B-986C-707589F1A61E}] => (Allow) LPort=9009
FirewallRules: [{BB0EAD6F-808B-4813-9382-54C9E02FE3A2}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{6622EAE2-23E7-47CF-A92D-B170E1B73554}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{852F6418-5771-48E0-83E1-500FA4297896}] => (Allow) LPort=9009
FirewallRules: [{73C902B4-0784-47CD-A5CB-8351CE9984A2}] => (Allow) LPort=9009
FirewallRules: [{A89C1BF1-FBF9-4393-9AD7-12D079F6A799}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{10AF196C-5610-475E-A12A-64CEB7EDEB90}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{1C32B0D3-0DBF-42D3-8DEC-860DF0EE6F48}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe Ningún archivo
FirewallRules: [{DE3F289E-A4D7-4C3E-A04C-2184618821EC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe Ningún archivo
FirewallRules: [{31B4818D-3230-46AA-B0B7-004D1CC609D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe Ningún archivo
FirewallRules: [{AD19C5F6-DABB-45B2-B12E-E4C7996814E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe Ningún archivo
FirewallRules: [{91A25320-316D-4492-8249-A760DEDEA196}] => (Allow) LPort=9009
FirewallRules: [{B1E7013B-96FE-4839-ACB0-2BB6D004E156}] => (Allow) LPort=9009
FirewallRules: [{A13DF2AB-F035-4F62-849A-70E2BF44BC6A}] => (Allow) LPort=9009
FirewallRules: [{A5D8D9EA-C4E9-4F63-8E3D-FCFD7594275A}] => (Allow) LPort=9009
FirewallRules: [{7F24DE61-E3A0-4718-8444-644191B1DF04}] => (Allow) LPort=9009
FirewallRules: [{8EFEF730-139D-40A6-92A2-D8AA3EE6F8FD}] => (Allow) LPort=9009
FirewallRules: [{F6C4748B-EF32-4D22-B6B6-6BD433C32908}] => (Allow) LPort=9009
FirewallRules: [{1810B650-A5EC-4B8F-BA8A-F8D6F03FC468}] => (Allow) LPort=9009
FirewallRules: [{17D844FE-6FD1-4A5B-962F-B45C53E27938}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{E3F8D984-B391-4575-8E16-71884464C079}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{F472B3CC-4D57-4EEB-9063-7D3609F774FE}] => (Allow) LPort=9009
FirewallRules: [{2FB54524-AB4E-44F8-9D58-5150278303C2}] => (Allow) LPort=9009
FirewallRules: [{07957031-D51D-4BD6-8932-C9191E6DED55}] => (Allow) LPort=9009
FirewallRules: [{4C9252C5-D8C9-4B02-AB09-4B7933A8367A}] => (Allow) LPort=9009
FirewallRules: [{FDC35019-2D0E-4E50-AC9B-3B2324C4B0A8}] => (Allow) C:\Steam\steamapps\common\Heretic Shadow of the Serpent Riders\base\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{322D71C1-D4EE-44A0-B4C4-59FB926FA2FF}] => (Allow) C:\Steam\steamapps\common\Heretic Shadow of the Serpent Riders\base\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{B4E28143-B20C-4942-9C25-0D0B77F1F702}] => (Allow) LPort=9009
FirewallRules: [{72773185-AA57-4F99-A49B-9FAFCBF358B5}] => (Allow) LPort=9009
FirewallRules: [{51CE64C3-3BD7-414B-8473-B87307A9A523}] => (Allow) LPort=9009
FirewallRules: [{9B7BF4F3-7890-400E-874B-51BF3E2E2EAC}] => (Allow) LPort=9009
FirewallRules: [{421797B9-3AFE-46F7-ADA8-015196F4B52F}] => (Allow) LPort=9009
FirewallRules: [{6E6907FE-C6E0-46CF-AFBF-672737DFFD80}] => (Allow) C:\Steam\steamapps\common\RESIDENT EVIL 2  BIOHAZARD RE2\re2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{60E7D7E2-F664-458A-BFCF-FA1A9AE75A59}] => (Allow) C:\Steam\steamapps\common\RESIDENT EVIL 2  BIOHAZARD RE2\re2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{35C19443-450A-4A97-B9ED-1C06220B787F}] => (Allow) C:\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [Archivo no firmado]
FirewallRules: [{B30C4496-B855-4D0E-B145-D678C666E76B}] => (Allow) C:\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [Archivo no firmado]
FirewallRules: [{0D30B246-4675-4FB9-9B2D-D7D7DE7E5C6B}] => (Allow) LPort=9009
FirewallRules: [{5AD8D409-B048-47FC-A02A-A74464051E99}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{4A28370A-7026-4469-8659-AE3B3267A05C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{64972277-BF48-42A6-8E79-3A1D4C0C7B1C}] => (Allow) C:\Steam\steamapps\common\Resident Evil 6\BH6.exe (QLOC S.A. -> CAPCOM U.S.A, INC.)
FirewallRules: [{74AD59A3-B694-48F2-A52B-BE9CF4CD0428}] => (Allow) C:\Steam\steamapps\common\Resident Evil 6\BH6.exe (QLOC S.A. -> CAPCOM U.S.A, INC.)
FirewallRules: [{B4629869-053C-4B75-B553-CEA4A53EF145}] => (Allow) C:\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{F2FA1D4E-5B04-4C38-A999-38816CD760E1}] => (Allow) C:\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{3CF45F84-A225-426D-A740-352640D158B3}] => (Allow) LPort=9009
FirewallRules: [{75AE4769-84ED-4593-AF9B-1D59285A6F2C}] => (Allow) LPort=9009
FirewallRules: [{531F6CEF-CFFC-47D2-A34A-F811078439AA}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation_Server\HomeCloud\HCLOUD.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
FirewallRules: [{128EA9C0-9194-45D2-AC85-AB577B257820}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation_Server\RemoteOC\ubssrv_oc_only.exe () [Archivo no firmado]
FirewallRules: [{089B9643-432A-4D97-B4A1-506C8533B1DF}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation_Server\RemoteControl\grckm.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{DF5DADF9-8F58-45A4-8700-559ACA020163}] => (Allow) LPort=1980
FirewallRules: [{08EAFCD8-0C08-4AB2-8ED8-32AB0C68E0AA}] => (Allow) LPort=1900
FirewallRules: [{05B351BD-B56D-4440-99ED-6CC68112858A}] => (Allow) LPort=1900
FirewallRules: [{0C6F3E20-B546-4396-A26A-E36B8737824C}] => (Allow) LPort=8860
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\TriDef\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player

==================== Puntos de Restauración =========================

01-12-2019 14:59:10 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820
12-12-2019 01:12:23 Windows Update

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/08/2020 01:08:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7588,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/08/2020 12:08:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5628,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/07/2020 11:04:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12296,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/07/2020 10:08:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6344,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/07/2020 09:54:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11464,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/07/2020 09:08:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11644,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/07/2020 08:09:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7148,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/07/2020 07:43:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3192,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (01/08/2020 08:48:08 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para 192.168.0.171:9009. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (01/08/2020 01:49:48 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para 192.168.0.171:9009. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (01/08/2020 01:09:25 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para 192.168.0.171:9009. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (01/08/2020 01:04:05 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para 192.168.0.171:9009. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (01/07/2020 11:39:15 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para 192.168.0.171:9009. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (01/07/2020 10:53:11 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para 192.168.0.171:9009. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (01/07/2020 10:24:45 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: No se puede enlazar con el transporte subyacente para 192.168.0.171:9009. Es posible que la lista IP de solo escucha contenga una referencia a una interfaz que no existe en este equipo. El campo de datos contiene el número de error.

Error: (01/07/2020 02:48:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Origin Web Helper Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2020-01-07 14:47:31.431
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {14F5F66A-6050-433D-90F0-A1600EF71ABC}
Tipo de examen: Antimalware
Parámetros de examen: Examen personalizado
Usuario: MATROSKA-PC\MATROSKA

Date: 2020-01-07 14:28:52.187
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.A!ml&threatid=2147735504&enterprise=0
Nombre: Trojan:Win32/Wacatac.A!ml
Id.: 2147735504
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: containerfile:_C:\Blade\Pruebas\UltraISO__v9.33_-_Premium_Edition_-_Multilenguaje___Keygen.zip; file:_C:\Blade\Pruebas\UltraISO__v9.33_-_Premium_Edition_-_Multilenguaje___Keygen.zip->UltraISO  v9.33 - Premium Edition - Multilenguaje + Keygen/UltraISO Premium Edition/Core/keygen.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.307.1862.0, AS: 1.307.1862.0, NIS: 1.307.1862.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2020-01-07 14:28:35.460
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.A!ml&threatid=2147735506&enterprise=0
Nombre: Trojan:Win32/Conteban.A!ml
Id.: 2147735506
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Blade\Pen 16 GB\Instaladores\Utiles\Your Uninstaller\Actualizado\Keygen\Keygen-FFF\Keygen.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.307.1862.0, AS: 1.307.1862.0, NIS: 1.307.1862.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2020-01-07 14:27:24.029
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Nombre: Trojan:Win32/Wacatac.B!ml
Id.: 2147735505
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: containerfile:_C:\Back 500\D\Cd's\CD's Mios\Matthew VIII\Juegos\Aidyn Chronicles\Aidyn_Chronicles_-_the_First_Mage.exe; containerfile:_C:\Back 500\D\Cd's\CD's Mios\Matthew VII\Juegos\1080 Snowboarding\1080_Snowboarding.exe; containerfile:_C:\Back 500\D\Cd's\CD's Mios\Matthew VII\Juegos\Castlevania II - Legacy of Darkness\Castlevania_-_Legacy_of_Darkness.exe; containerfile:_C:\Back 500\D\Instaladores\project64_1.7.0.55.exe; file:_C:\Back 500\D\Cd's\CD's Mios\Matthew VIII\Juegos\Aidyn Chronicles\Aidyn_Chronicles_-_the_First_Mage.exe->(RarSfx)->Plugin\Input\NRage DInput8 V2.2.dll; file:_C:\Back 500\D\Cd's\CD's Mios\Matthew VII\Juegos\1080 Snowboarding\1080_Snowboarding.exe->(RarSfx)->Plugin\Input\NRage DInput8 V2.2.dll; file:_C:\Back 500\D\Cd's\CD's Mios\Matthew VII\Juegos\Castlevania II - Legacy of Darkness\Castlevania_-_Legacy_of_Darkness.exe->(RarSfx)->Plugin\Input\NRage DInput8 V2.2.dll; file:_C:\Back 500\D\Instaladores\project64_1.7.0.55.exe->(UPX)->(ishld-Project64 1.7.0.55.msi)->Data1.cab->nrage_dinput8_
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.307.1862.0, AS: 1.307.1862.0, NIS: 1.307.1862.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2020-01-07 14:27:24.028
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Nombre: Trojan:Win32/Tiggre!rfn
Id.: 2147723625
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: containerfile:_C:\Back 500\D\Cd's\CD's Mios\Matthew VIII\Juegos\Aidyn Chronicles\Aidyn_Chronicles_-_the_First_Mage.exe; containerfile:_C:\Back 500\D\Cd's\CD's Mios\Matthew VII\Juegos\1080 Snowboarding\1080_Snowboarding.exe; containerfile:_C:\Back 500\D\Cd's\CD's Mios\Matthew VII\Juegos\Castlevania II - Legacy of Darkness\Castlevania_-_Legacy_of_Darkness.exe; containerfile:_C:\Back 500\D\Instaladores\project64_1.7.0.55.exe; file:_C:\Back 500\D\Cd's\CD's Mios\Matthew VIII\Juegos\Aidyn Chronicles\Aidyn_Chronicles_-_the_First_Mage.exe->(RarSfx)->NRage-Language-1034.dll; file:_C:\Back 500\D\Cd's\CD's Mios\Matthew VII\Juegos\1080 Snowboarding\1080_Snowboarding.exe->(RarSfx)->NRage-Language-1034.dll; file:_C:\Back 500\D\Cd's\CD's Mios\Matthew VII\Juegos\Castlevania II - Legacy of Darkness\Castlevania_-_Legacy_of_Darkness.exe->(RarSfx)->NRage-Language-1034.dll; file:_C:\Back 500\D\Instaladores\project64_1.7.0.55.exe->(UPX)->(ishld-Project64 1.7.0.55.msi)->Data1.cab->nrage_language_1034.dll
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.307.1862.0, AS: 1.307.1862.0, NIS: 1.307.1862.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F11 03/13/2019
Placa base: Gigabyte Technology Co., Ltd. Z370M DS3H-CF
Procesador: Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz
Porcentaje de memoria en uso: 14%
RAM física total: 32711.9 MB
RAM física disponible: 27901.09 MB
Virtual total: 65479.9 MB
Virtual disponible: 58460.95 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:912.02 GB) (Free:139.7 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:157.01 GB) NTFS

\\?\Volume{263e94c3-4cc3-11e9-88e1-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{89a11c91-0000-0000-0000-d0afe8000000}\ () (Fixed) (Total:0.76 GB) (Free:0.33 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 89A11C91)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=912 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=782 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 852FD338)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=06)

==================== Final de Addition.txt =======================

Cómo lo ves?

Aparentemente no se ve nada extraño.

Ese “program” que tienes deshabilitado…si en la pestaña inicio de el administrador de tareas, haces boton derecho - ver ubicacion del archivo–sale algo?

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

Task: {6A4F189D-629A-4AB1-8A02-D859328AD3EF} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
Handler: WSISAllmytubechrome - Sin valor CLSID
U3 idsvc; no ImagePath


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Corregir y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

Hola, Miguelgrado, te cuento: Haciendo botón derecho en “Program” tiene las opciones “Abrir ubicación del archivo” y “Propiedades” en gris, deshabilitadas; e incluso probé hacerles click, pero no hace nada. Solo me deja habilitarlo o deshabilitarlo (lo deshabilité antes de hacer los tutoriales que me indicaste, por precaución), y “Buscar en línea”, esto último algo que me imagino que no sería bueno, porque si es bicho, terminaría activándolo de alguna manera. Seguí el segundo tutorial que indicaste, acá te pego el Fixlog.txt:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 08-01-2020
Ejecutado por MATROSKA (09-01-2020 18:49:23) Run:1
Ejecutado desde C:\Users\MATROSKA\Desktop
Perfiles cargados: MATROSKA (Perfiles disponibles: MATROSKA)
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
Start
CreateRestorePoint:
CloseProcesses:

Task: {6A4F189D-629A-4AB1-8A02-D859328AD3EF} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
Handler: WSISAllmytubechrome - Sin valor CLSID
U3 idsvc; no ImagePath


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A4F189D-629A-4AB1-8A02-D859328AD3EF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A4F189D-629A-4AB1-8A02-D859328AD3EF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => eliminado correctamente
HKLM\Software\Classes\PROTOCOLS\Handler\WSISAllmytubechrome => eliminado correctamente
Handler: WSISAllmytubechrome - Sin valor CLSID => no pudo ser eliminado.: incorrect path. 
HKLM\System\CurrentControlSet\Services\idsvc => eliminado correctamente
idsvc => servicio eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-2747003501-3174584430-2147103000-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-2747003501-3174584430-2147103000-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= Final de CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10115055 B
Java, Flash, Steam htmlcache => 417741027 B
Windows/system/drivers => 540916 B
Edge => 34304 B
Chrome => 0 B
Firefox => 144247416 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 39714 B
Users => 39714 B
ProgramData => 39714 B
Public => 39714 B
systemprofile => 39714 B
systemprofile32 => 39714 B
LocalService => 46370 B
NetworkService => 67012 B
MATROSKA => 4724053 B

RecycleBin => 0 B
EmptyTemp: => 559.5 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 18:49:32 ====

¿Hay algo más que se pueda hacer, algo tipo ver el inicio de windows en el registro para ver si se puede rastrear a dónde apunta el “Program”, o alguna otra cosa por el estilo?¿O alguna otra cosa?

Posiblemente se trata de un programa que ya no está y solo queda la entrada en el registro.

Abre CCleaner en herramientas,inicio y buscas esa entrada,la marcas y dale a borrar esa entrada.

Dime si se elimino

Sabés que miré entrada por entrada la limpieza del CCleaner, pero no me aparece nada que se llame “Program”. Por las dudas, no arreglé ninguna entrada, solo busqué problemas y miré. Algo más que se pueda hacer?

Abres el adiministrador de tareas de windows y vas a inicio

Haces lo siguiente:

Me pones captura o lo que pone esa linea

1 me gusta

Ahí está! Esto era lo que necesitaba, Miguelgrado! Ahí lo googleé, el Iskysoft es bicho. Cómo hago para sacarlo? El foro no me deja poner imágenes, así que porfa fijate si con ese link que te dejo podés visualizarlo.

Me suponia que era eso.Es un programa que se instalo seguramente junto a algo que desscargaste.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CloseProcesses:

HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\iTube Studio\DelayPluginI.exe
C:\ProgramData\iSkysoft
C:\Program Files (x86)\Common Files\iSkysoft
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"

END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Corregir y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

Te cuento, al final el Script funcionó a medias, porque dijo que algo no lo encontró, te lo pego abajo.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 08-01-2020
Ejecutado por MATROSKA (11-01-2020 23:24:31) Run:2
Ejecutado desde C:\Users\MATROSKA\Desktop
Perfiles cargados: MATROSKA (Perfiles disponibles: MATROSKA)
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\iTube Studio\DelayPluginI.exe
C:\ProgramData\iSkysoft
C:\Program Files (x86)\Common Files\iSkysoft
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"

END
*****************

Procesos cerrados correctamente.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iSkysoft Helper Compact.exe" => eliminado correctamente
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DelaypluginInstall" => eliminado correctamente
"C:\ProgramData\iSkysoft" => no encontrado
"C:\Program Files (x86)\Common Files\iSkysoft" => no encontrado
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\iSkysoft Helper Compact.exe" => eliminado correctamente
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iSkysoft Helper Compact.exe" => no encontrado


El sistema necesita reiniciarse.

==== Final de Fixlog 23:24:31 ====

Descubrí que el iskysoft también tiene que ver con el Itube, así que que directamente hice una búsqueda de todo lo que tenía que ver con iskysoft y itube en el catalogador Cathy (previamente reindexando el disco C), y lo borré todo a mano. Incluso se había metido en la carpeta de sistema donde están lo Prefetch, que ahora no me acuerdo qué era, pero sí me acuerdo que era algo importante del Windows. Ya no me aparecen más ninguno de los dos en el inicio de windows, así que creo que ya puedo considerar el problema resuelto. Indicame por favor si es así así marco la casilla de solucionado al tema. Muchas gracias por la ayuda, Miguelgrado!

Salido correctamente el uso de frst… Carpetas dice que no encontraron es porque ya no estaban.

Para eliminar las herramientas usadas en la desinfección, realizas:

  • Descargas y Ejecutas >> Delfix, en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)

  • Marca solamente la casilla Remove disinfection tools

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.


Me alegro de haberte podido ayudar! :+1:


TEMA SOLUCIONADO

Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.