Problem with the Altruistic malware

I'm afraid my PC has been infected by this annoying virus and, despite having tried every possible means to uninstall it, it is still there running. If anyone could help me I would be very grateful!!!

1 like

Hello @Defcon.

Since you are new, I recommend that you read this forum's policies. Not because you have done anything wrong, but so that you know more about how it works.

:one: MALWARE SEARCH / REMOVAL

(Keep all your external devices connected, such as USB drives, external hard drives, etc.)

Please download all the software from the links I provide / from their respective manuals.

Now you will run a series of tools, respecting the order and carrying out the steps with all programs closed, including browsers.

Connect all your external devices (all the external hard drives you have, as well as all the USB drives you have, and external hard drives if you have those too).

Carry out the steps below without changing the order, and follow them to the letter:

0) Download CCleaner. Here is its manual: CCleaner Manual, so that you know how to use and configure it correctly.

Install it and run it. On the Custom Clean tab, leave the default settings. Click Analyze and wait for it to finish. Then click Run Cleaner. Click the Registry tab > click Scan for Issues and wait for it to finish. Finally, click Fix Selected and make a backup of the Windows registry.

1) Download, install, update and run Malwarebytes’ Anti-Malware. Here is its manual: Malwarebytes Manual, so that you know how to use and configure it correctly.

  • Run a Custom Scan, ticking all the boxes on the right and on the left, and updating if it asks you to. That is: connect all your external devices (all the external hard drives you have, as well as all the USB drives you have, including the one you mentioned to me earlier), then tick all the available disk drives and the following boxes:

1. Scan memory objects

2. Scan startup and registry settings

3. Scan within archives

  • Click “Remove Selected” to send the infections to quarantine, and restart the computer.
  • To access the scan report afterwards, go to: Reports >> Scan log >> click Export >> Copy to Clipboard, and put the report in your next reply.

2) Download AdwCleaner to the desktop.

  • Disable your antivirus :arrow_forward: How to temporarily disable an antivirus and any security program you have enabled.
  • Run Adwcleaner.exe (if you use Windows Vista/7/8 or 10, right-click it and select “Run as administrator”).
  • Click the Scan Now button and wait for the scan to finish. Immediately afterwards, click the Start Repair button.
  • Wait for it to finish and follow the instructions that appear. If it asks you to restart, restart the computer by clicking OK.
  • If it finds nothing, click Skip Repair.
  • You will find the log on the Reports tab, reopening the program if necessary, or at the following location: C:\AdwCleaner\Logs\AdwCleaner[C0].txt.
  • For more information, here is its manual: AdwCleaner Manual.
  • Re-enable your antivirus and any security program you had enabled.

3) Use CCleaner again as I told you in step 0.

Paste the Malwarebytes and AdwCleaner reports and tell us how the initial problem for which you opened this topic is going. Also answer any questions I have asked you throughout this post, if I asked any; if not, don't.

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not carry out steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it following our instructions.

:warning: Very Important :warning: Post the different reports I have asked you for as shown in the following image:

Regards.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 10/8/22
Hora del análisis: 19:24
Archivo de registro: 32756ee6-18fb-11ed-96ff-e0d55e456318.json

-Información del software-
Versión: 4.5.12.204
Versión de los componentes: 1.0.1725
Versión del paquete de actualización: 1.0.58446
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 19043.1889)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-1P52CJS\German

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 1009099
Amenazas detectadas: 1
Amenazas en cuarentena: 0
Tiempo transcurrido: 29 min, 48 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
AutoKMS.HackTool.Patcher.DDS, C:\USERS\GERMAN\DOWNLOADS\KMSPICO\KMSPICO ACTIVATOR\KMSPICO-SETUP.EXE, Sin acciones por parte del usuario, 1000002, 0, 1.0.58446, E8EB30E324C9F784B397287A, dds, 01897704, A02164371A50C5FF9FA2870EF6E8CFA3, 64C731ADBE1B96CB5765203B1E215093DCF268D020B299445884A4AE62ED2D3A

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build:    03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-10-2022
# Duration: 00:00:07
# OS:       Windows 10 Pro
# Scanned:  32034
# Detected: 4


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy             C:\Users\German\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.ProductSetup.A     HKCU\Software\PRODUCTSETUP
PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

I'm afraid CCleaner saved its report as a .reg file and it won't let me upload or open it. Even so, it removed quite a few files, but the problem with Altruist still persists.

Before that I had already run antimalware and it sent about 70 files to quarantine, but I have no way of getting it to create a .txt to show those files. Should I delete them?

1 like

Hello @Defcon

I see you have that d*** KMSPICO; it has to go straight to quarantine, no two ways about it. So put it in quarantine.

And yes, you also have several pieces of adware. Let's continue then…

This program does not remove malware as such; rather, it is used to optimize and clean the PC of “junk and useless things”, so to speak, so that you understand me. The .reg is a backup file of the Windows registry; this is so that if something in the registry breaks, or something goes wrong, or something in Regedit gets damaged, you can use this copy to go back to a state from before the problem.

Yes, I figured it would still be there, don't worry.

Which antimalware program did you say put these 70 files in quarantine?

If they are in QUARANTINE they are already harmless and fully neutralized, unless you restore the QUARANTINE, in which case the bugs come back to life.

Tell me which program it is and generate that report; if you can't, tell me the program and I'll guide you.

Regards.

The program in question is Malwarebytes. Although they are in quarantine, I don't know whether a report of the quarantined items can be generated.

1 like

OK :+1:

I don't think it will be necessary.

Let's continue…

:one: MALWARE SEARCH / REMOVAL

Carry out the steps below without changing the order, and follow them to the letter:

Connect all your external devices (all the external hard drives you have, USB drives, etc.).

0) Download ESET Online Scanner (User Manual) and run a scan of the PC; read the instructions carefully and run a Custom Scan exactly as indicated in its manual. Bring me its report.

1) Download Kaspersky Virus Removal Tool (User Manual) and run a scan of the PC; read the instructions carefully and run it exactly as indicated in its manual. In this case it does not produce any report; when it finishes, click the Report tab as indicated in its manual, take a screenshot and upload it.

How do I upload images to the forum?

:two: NEXT REPLY

Paste the reports from ESET Online Scanner and Kaspersky Virus Removal Tool (screenshot) and tell us how the PC is doing.

Regards.

Eset
11/8/2022 17:30:39
Archivos explorados: 885143
Archivos detectados: 2
Archivos desinfectados: 2
Tiempo total de exploración 01:36:56
Estado de la exploración: Finalizado
C:\Windows\SECOH-QAD.dll	Win64/HackKMS.D aplicación potencialmente no segura	desinfectado por eliminación

C:\Windows\SECOH-QAD.exe	Win64/HackKMS.C aplicación potencialmente no segura	desinfectado por eliminación

Kaspersky

In the case of Kaspersky it won't let me open the scan logs, so I'm uploading a screenshot. I still have the malware active.

1 like

Hello @Defcon

ESET >> Ok.

Kaspersky >> what you mention is normal, and it detects nothing.

OK.

With Malwarebytes, did you put everything that was detected in QUARANTINE?

:one: Disable your antivirus :arrow_forward: How to temporarily disable an antivirus and any security program you have enabled.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and nowhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the right version for your computer's architecture (32 or 64 bits). :arrow_forward: How do I know whether my Windows is 32 or 64 bits?

:warning: Once FRST is downloaded, disconnect your computer completely from the Internet (turn off the router) >> Super Important. Right after that, also close any other program you have open.

:two: Farbar Recovery Scan Tool

  1. Run FRST.exe (if you use Windows Vista/7/8 or 10, right-click it and select Run as administrator).

  2. A window with a Disclaimer message will appear; click Yes.

  3. In the program's main window, click Scan and wait for the scan to finish.

  4. Two logs/reports will appear: Frst.txt and Addition.txt; these will be saved on the desktop.

:three: Re-enable your antivirus and any security program you had enabled. Also reconnect your computer to the Internet.

:four: NEXT REPLY

Paste the FRST and Addition.txt reports. You must post both reports in full, with absolutely all of their content. You will need to split them across several messages if you get an error/warning message saying that the report making up the message is too long (more than approx. 50,000 characters).

Regards.
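
One way to triage the FRST.txt requested above, added here as an example and not part of the original post or of FRST itself: it ranks log lines by FRST's own attention marker and by unsigned files that run from user-writable directories or as services. The scoring weights, the directory list and the sample lines (with the hypothetical names ExampleApp, ExampleAV, OldTool and ExampleBrowser) are assumptions constructed for this example.

```python
import re
from dataclasses import dataclass, field

# Markers as printed by a Spanish-locale FRST.txt, followed by the
# English-locale equivalents.
ATTENTION_MARKS = ("<==== ATENCIÓN", "<==== ATTENTION")
UNSIGNED_MARKS = ("[Archivo no firmado]", "[File not signed]")

# Assumption: directories that software can be dropped into without going
# through Program Files. This list is a heuristic chosen for the example.
WRITABLE_DIRS = ("\\programdata\\", "\\appdata\\", "\\users\\public\\", "\\temp\\")

# A Windows path to an .exe or .dll; '>' is excluded so that a match never
# runs across the "->" separators FRST puts between fields.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"<>|\[\]]*?\.(?:exe|dll)', re.IGNORECASE)


@dataclass
class Finding:
    line_no: int
    path: str
    reasons: list = field(default_factory=list)
    score: int = 0


def triage_line(line_no, line):
    """Return a Finding for one log line, or None if nothing stands out."""
    paths = PATH_RE.findall(line)
    # On a process line the last path is the running image; an earlier one
    # belongs to the parent shown as "(parent ->)".
    path = paths[-1] if paths else ""
    finding = Finding(line_no, path)

    if any(mark in line for mark in ATTENTION_MARKS):
        finding.reasons.append("flagged by FRST")
        finding.score += 3
    unsigned = any(mark in line for mark in UNSIGNED_MARKS)
    if unsigned:
        finding.reasons.append("unsigned file")
        finding.score += 2
    if unsigned and any(d in path.lower() for d in WRITABLE_DIRS):
        finding.reasons.append("unsigned and in a user-writable directory")
        finding.score += 2
    if unsigned and line.lstrip().lower().startswith("(services.exe ->)"):
        finding.reasons.append("unsigned and started as a service")
        finding.score += 2
    return finding if finding.score else None


def triage(log_text):
    """Rank the lines of an FRST-style log, highest score first."""
    findings = []
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        if not line.strip() or line.startswith("="):
            continue  # blank lines and "==== section ====" headers
        finding = triage_line(line_no, line)
        if finding:
            findings.append(finding)
    return sorted(findings, key=lambda f: (-f.score, f.line_no))


# Constructed sample in the layout of a Spanish-locale FRST.txt; every vendor,
# product and path below is a placeholder, not data from a real machine.
SAMPLE = r"""==================== Procesos (Lista blanca) =================
(services.exe ->) (Example Vendor -> Example Vendor) C:\Program Files\ExampleAV\avsvc.exe
(services.exe ->) (Example Software -> Example Software) [Archivo no firmado] C:\ProgramData\ExampleApp\ExampleApp.exe <2>
(C:\Program Files\ExampleAV\avsvc.exe ->) (Example Vendor -> Example Vendor) C:\Program Files\ExampleAV\aveng.exe
==================== Registro (Lista blanca) ===================
HKLM-x32\...\Run: [OldTool] => C:\Program Files (x86)\Common Files\OldTool\OldTool.exe [517096 2010-02-19] (Example Vendor -> Example Vendor) [Archivo no firmado]
HKLM\SOFTWARE\Policies\ExampleBrowser: Restricción <==== ATENCIÓN
"""

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"line {f.line_no:>3}  score {f.score}  {f.path or '(no file)'}")
        for reason in f.reasons:
            print(f"            - {reason}")
```

An unsigned file is not malicious by that fact alone; the ranking only decides which entries a helper reads first.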

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(D:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) D:\Epic Games\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(D:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) D:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\steam.exe
(Google Inc -> Google LLC) C:\Users\German\AppData\Local\Google\Update\GoogleUpdate.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Altruistic Software -> Altruistic Software) [Archivo no firmado] C:\ProgramData\Altruistic\Altruistic.exe <2>
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230816 2017-07-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-08-25] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213760 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Genshin Impact Beta_Launcher] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [Steam] => D:\Steam\steam.exe [4230544 2022-07-26] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [Chromium] => "c:\users\german\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session [828416 2017-01-20] (The Chromium Authors) [Archivo no firmado]
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [EpicGamesLauncher] => D:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32706000 2022-07-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [Google Update] => C:\Users\German\AppData\Local\Google\Update\1.3.36.132\GoogleUpdateCore.exe [227512 2022-05-01] (Google LLC -> Google LLC)
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [Spotify] => C:\Users\German\AppData\Roaming\Spotify\Spotify.exe [19855264 2022-08-04] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [MicrosoftEdgeAutoLaunch_555553788151A9DE9E22673E3AA7F13F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827112 2022-08-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [37054552 2022-07-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\MountPoints2: {98647291-5750-11eb-8c34-e0d55e456318} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\MountPoints2: {ab07a6cb-910b-11ec-8c61-e0d55e456318} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\MountPoints2: {ab07a727-910b-11ec-8c61-e0d55e456318} - "F:\OnePlus_setup.exe" /s
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.81\Installer\chrmstp.exe [2022-08-09] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0961DAE7-DED5-4773-99FC-9C8B613DCCFA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\German\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-08-10] (ESET, spol. s r.o. -> ESET)
Task: {0A3613A7-95D2-42E6-AA73-7673D704BB2E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1378B69F-751B-44FD-BE82-551F44A4EE42} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {14360C27-6039-4F0B-871D-C22EAE9589C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8406496 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {16B90B7E-5E26-4931-AC53-4349A8B5EDC6} - System32\Tasks\Opera scheduled Autoupdate 1660063611 => C:\Users\German\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {1A239259-6A9F-483A-9A76-7C3986D698B9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1AA58CC6-4270-46D8-BB88-D6C5EC39C055} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2056E232-E539-407F-924E-A59CE4E4166C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {259FF5D1-F3F1-4B40-9CC2-8C4D97B3B1ED} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {313260A2-4DFA-443E-88A0-AA54D5F72B4B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3D5ABED6-83A8-4255-9917-81738106CEC7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145328 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DFE0753-0B17-415E-82BE-6A640E53F376} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {3EC9A433-31D3-4198-AAAD-471EAC647804} - System32\Tasks\GoogleUpdateTaskMachineUA{D512FE4D-8749-4EE6-8F4D-699F6DBAFADD} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-06-14] (Google Inc -> Google Inc.)
Task: {49653527-080A-4A2F-BBE5-D64DB6BD40F8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {5259CA7C-36B8-45DC-9D8B-E069B6FEBB03} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5A45811A-7F97-4DDC-9436-D4574ECFC884} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60943599-1268960206-3839154373-1001Core{A69D28FF-D9AD-4837-B536-5995C0023926} => C:\Users\German\AppData\Local\Google\Update\GoogleUpdate.exe [155432 2019-10-18] (Google Inc -> Google LLC)
Task: {601AEE19-3061-4FA3-B324-3E1F3AA02EAF} - System32\Tasks\GoogleUpdateTaskMachineCore{9FFE43B8-07FF-4CB6-BE82-20AD366286AB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-06-14] (Google Inc -> Google Inc.)
Task: {6D286C8A-58E5-48CF-906F-CA41B291AB39} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-07-18] (Piriform Software Ltd -> Piriform)
Task: {7308BA47-DA68-4F86-AE92-66F60E99BAE3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60943599-1268960206-3839154373-1001UA{6734A64C-C24E-4273-B22B-F70FDA5ED79C} => C:\Users\German\AppData\Local\Google\Update\GoogleUpdate.exe [155432 2019-10-18] (Google Inc -> Google LLC)
Task: {862B36F5-C75A-4AC6-B5CB-E58563F897F2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {88E73F95-C55D-442F-AA25-B9CA9C8CED6F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\German\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-08-10] (ESET, spol. s r.o. -> ESET)
Task: {9E29B62A-4FDE-45AA-9901-2F2A69337770} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145328 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEF10356-1FF4-4A05-BA3B-5468B6EBC8BB} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {B250AA17-3541-401D-8570-53D1DF308D2A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B8CA12CC-304E-4F2D-80E1-2C2D0C9D37B2} - System32\Tasks\CCleanerSkipUAC - German => C:\Program Files\CCleaner\CCleaner.exe [31101528 2022-07-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C963BF1C-2563-4552-B422-461EAEB109F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E30816BB-E011-43AF-BDE8-60DE9255955A} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {E5A9CDDD-6D38-45E7-93B4-60680943C50E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8406496 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7544ACE-678E-486A-A81F-2968DB7231AC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4928768 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
Task: {FEDBE244-BABF-4619-BCA9-7AAA8F5C91D8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

AutoConfigURL: [{1A6B70D3-BF32-4E36-A637-7E2F9717EA9D}] => hxxp://127.0.0.1:86/ <==== ATENCIÓN
AutoConfigURL: [{F0CCE269-1B3D-421C-9114-DB70367A9782}] => hxxp://127.0.0.1:86/ <==== ATENCIÓN
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{746a57e3-000b-4a3c-bae2-7c05822a906b}: [DhcpNameServer] 186.130.128.250 186.130.129.250

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\German\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-12]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\German\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-08-12]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Archivo no firmado]
FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\German\AppData\Local\Google\Chrome\User Data\Default [2022-08-12]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-06-24]
CHR Extension: (Steamcito: Steam con impuestos Argentina 2022) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcjljapncagfmfhdkccgnbkgdpbcefcj [2022-07-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-18]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-07-20]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-07-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-08-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2022-08-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera: 
=======
OPR Profile: C:\Users\German\AppData\Roaming\Opera Software\Opera Stable [2022-08-10]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

"AltruisticsService" => servicio fue desbloqueado. <==== ATENCIÓN

S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AltruisticsService; C:\ProgramData\Altruistic\Altruistic.exe [18029528 2022-08-09] (Altruistic Software -> Altruistic Software) [Archivo no firmado]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8507448 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [589568 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [589056 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-31] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-07-27] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-02-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8680192 2022-08-09] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-08-09] (McAfee, LLC -> McAfee, LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2021-06-28] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6255896 2022-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ZeroTierOneService; C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe [1788400 2019-09-04] (ZeroTier, Inc. -> )
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1459384 2021-04-04] (Tencent Technology(Shenzhen) Company Limited -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [387752 2021-04-04] (Tencent Technology(Shenzhen) Company Limited -> ANTICHEATEXPERT.COM)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [41832 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235576 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [389120 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258048 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [104960 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [24528 2022-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [47976 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [275024 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553928 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [113968 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [89032 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [859872 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [670776 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221512 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324840 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 gdrv; C:\Windows\gdrv.sys [26192 2018-06-14] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2719256 2020-02-29] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 zttap300; C:\WINDOWS\System32\drivers\zttap300.sys [30488 2018-03-16] (ZeroTier Networks LLC -> ZeroTier Networks LLC)
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-08-12 19:06 - 2022-08-12 19:06 - 000030031 _____ C:\Users\German\Desktop\FRST.txt
2022-08-12 19:06 - 2022-08-12 19:06 - 000000000 ____D C:\FRST
2022-08-11 20:41 - 2022-08-11 20:41 - 002370048 _____ (Farbar) C:\Users\German\Desktop\FRST64.exe
2022-08-11 17:32 - 2022-08-11 17:32 - 000357136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_6f450ec0a_klark.sys
2022-08-11 17:31 - 2022-08-11 17:31 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\6f450ec0.sys
2022-08-11 17:31 - 2022-08-11 17:31 - 000270752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_6f450ec0a_mark.sys
2022-08-11 17:31 - 2022-08-11 17:31 - 000000000 ____D C:\KVRT2020_Data
2022-08-11 17:30 - 2022-08-11 20:43 - 000003020 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-08-11 17:30 - 2022-08-11 20:43 - 000002640 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-08-11 17:30 - 2022-08-11 17:30 - 000000790 _____ C:\Users\German\Desktop\eset.txt
2022-08-10 21:00 - 2022-08-11 13:49 - 000001379 _____ C:\Users\German\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-08-10 21:00 - 2022-08-11 13:49 - 000001273 _____ C:\Users\German\Desktop\ESET Online Scanner.lnk
2022-08-10 21:00 - 2022-08-10 21:00 - 000000000 ____D C:\Users\German\AppData\Local\ESET
2022-08-10 20:58 - 2022-08-10 21:03 - 119695440 _____ (AO Kaspersky Lab) C:\Users\German\Desktop\KVRT.exe
2022-08-10 20:57 - 2022-08-10 20:58 - 015274968 _____ (ESET) C:\Users\German\Downloads\esetonlinescanner.exe
2022-08-10 20:28 - 2022-08-10 20:28 - 000001815 _____ C:\Users\German\Downloads\1.txt
2022-08-10 20:28 - 2022-08-10 20:28 - 000001815 _____ C:\Users\German\Downloads\1 (1).txt
2022-08-10 20:26 - 2022-08-10 20:26 - 000001691 _____ C:\Users\German\Desktop\AdwCleaner[S00].txt
2022-08-10 20:10 - 2022-08-10 20:11 - 000000000 ____D C:\AdwCleaner
2022-08-10 20:09 - 2022-08-10 20:10 - 008551608 _____ (Malwarebytes) C:\Users\German\Downloads\adwcleaner.exe
2022-08-10 20:02 - 2022-08-10 20:02 - 000001815 _____ C:\Users\German\Desktop\1.txt
2022-08-10 19:14 - 2022-08-10 19:14 - 000458916 _____ C:\Users\German\Desktop\cc_20220810_191401.reg
2022-08-10 18:44 - 2022-08-10 18:44 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-10 18:44 - 2022-08-10 18:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-10 18:43 - 2022-08-10 18:43 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-10 18:43 - 2022-08-10 18:43 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-10 18:43 - 2022-08-10 18:43 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-10 18:43 - 2022-08-10 18:43 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-10 18:43 - 2022-08-10 18:43 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-10 18:43 - 2022-08-10 18:43 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-10 18:38 - 2022-08-10 18:38 - 000000000 ___HD C:\$WinREAgent
2022-08-10 18:26 - 2022-08-12 18:46 - 000000000 ____D C:\Program Files\CCleaner
2022-08-10 18:26 - 2022-08-11 20:43 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-08-10 18:26 - 2022-08-11 20:43 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - German
2022-08-10 18:26 - 2022-08-10 18:26 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-08-10 18:26 - 2022-08-10 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-08-10 18:24 - 2022-08-10 18:25 - 049909560 _____ (Piriform Software Ltd) C:\Users\German\Downloads\ccsetup602.exe
2022-08-09 14:04 - 2022-08-09 14:04 - 007521232 _____ (VS Revo Group ) C:\Users\German\Downloads\revosetup.exe
2022-08-09 14:04 - 2022-08-09 14:04 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2022-08-09 14:04 - 2022-08-09 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-08-09 14:04 - 2022-08-09 14:04 - 000000000 ____D C:\Program Files\VS Revo Group
2022-08-09 13:57 - 2022-08-09 13:57 - 002556344 _____ (Malwarebytes) C:\Users\German\Downloads\MBSetup.exe
2022-08-09 13:49 - 2022-08-09 13:49 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2022-08-09 13:48 - 2022-08-09 13:52 - 000000000 ____D C:\Program Files\RAVAntivirus
2022-08-09 13:48 - 2022-08-09 13:51 - 000000000 ____D C:\Program Files (x86)\rsStubActivator-1.1.1
2022-08-09 13:46 - 2022-08-12 18:43 - 000000000 ____D C:\ProgramData\Altruistic
2022-08-09 13:46 - 2022-08-11 20:43 - 000003614 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1660063611
2022-08-09 13:46 - 2022-08-09 13:50 - 000000000 ____D C:\Users\German\AppData\Roaming\Altruistic
2022-08-09 13:46 - 2022-08-09 13:46 - 000001092 _____ C:\Users\German\Downloads\universal adobe patcher.exe.lnk
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Users\German\AppData\Roaming\Opera Software
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Users\German\AppData\Local\TaskbarSystem
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Users\German\AppData\Local\Opera Software
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Program Files\McAfee
2022-08-09 13:45 - 2022-08-09 13:46 - 000000000 ____D C:\ProgramData\McAfee
2022-08-07 17:23 - 2022-08-07 17:23 - 000000000 ____D C:\Users\German\Desktop\Divine frequency
2022-08-05 21:18 - 2022-08-05 21:18 - 000270592 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-08-05 21:18 - 2022-08-05 21:18 - 000221512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-07-28 14:08 - 2022-07-28 14:08 - 000000000 ____D C:\Users\German\AppData\Local\HLL
2022-07-28 14:08 - 2022-07-28 14:08 - 000000000 ____D C:\Users\German\AppData\Local\AWSToolkit
2022-07-20 16:24 - 2022-07-20 16:24 - 000000000 ____D C:\Users\German\AppData\Local\EternalEvil
2022-07-17 20:33 - 2022-07-17 20:33 - 000000000 ____D C:\Users\German\Downloads\ddscraCs6ggf
2022-07-17 20:32 - 2022-07-17 20:32 - 001287764 _____ C:\Users\German\Downloads\ddscraCs6ggf.rar
2022-07-14 19:45 - 2022-07-14 19:45 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-14 19:45 - 2022-07-14 19:45 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-14 19:45 - 2022-07-14 19:45 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-14 19:45 - 2022-07-14 19:45 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-14 19:45 - 2022-07-14 19:45 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-14 19:45 - 2022-07-14 19:45 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-14 19:45 - 2022-07-14 19:45 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-14 19:45 - 2022-07-14 19:45 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-14 19:45 - 2022-07-14 19:45 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-14 19:45 - 2022-07-14 19:45 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-14 19:45 - 2022-07-14 19:45 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-14 19:45 - 2022-07-14 19:45 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-14 19:45 - 2022-07-14 19:45 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-14 19:44 - 2022-07-14 19:44 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-14 19:44 - 2022-07-14 19:44 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-14 19:44 - 2022-07-14 19:44 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-14 19:44 - 2022-07-14 19:44 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-08-12 19:05 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-08-12 18:57 - 2020-07-05 15:53 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-08-12 18:57 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-12 18:57 - 2018-06-14 09:07 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-12 18:44 - 2020-01-11 23:48 - 000000000 ____D C:\Users\German\AppData\Local\Spotify
2022-08-12 18:43 - 2020-01-11 23:48 - 000000000 ____D C:\Users\German\AppData\Roaming\Spotify
2022-08-11 21:03 - 2020-10-03 16:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-11 20:43 - 2022-05-19 17:48 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-08-11 20:43 - 2022-01-19 12:42 - 000003636 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-11 20:43 - 2022-01-19 12:42 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-11 20:43 - 2018-06-19 21:38 - 000000000 ____D C:\Users\German\AppData\Roaming\discord
2022-08-11 20:42 - 2020-10-03 16:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-08-11 20:28 - 2018-06-19 21:38 - 000000000 ____D C:\Users\German\AppData\Local\Discord
2022-08-11 19:30 - 2018-07-10 18:08 - 000000000 ____D C:\Users\German\AppData\Local\D3DSCache
2022-08-11 19:28 - 2018-06-19 21:38 - 000002232 _____ C:\Users\German\Desktop\Discord.lnk
2022-08-11 17:04 - 2021-07-22 18:39 - 000000000 ____D C:\Program Files (x86)\Origin
2022-08-10 21:29 - 2018-07-31 13:03 - 000000000 ____D C:\Users\German\AppData\Roaming\uTorrent
2022-08-10 19:33 - 2018-06-14 09:20 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-10 19:23 - 2020-10-03 16:40 - 001774682 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-10 19:23 - 2019-12-07 11:55 - 000788386 _____ C:\WINDOWS\system32\perfh00A.dat
2022-08-10 19:23 - 2019-12-07 11:55 - 000155774 _____ C:\WINDOWS\system32\perfc00A.dat
2022-08-10 19:23 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-10 19:19 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-10 19:18 - 2020-12-30 17:35 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-08-10 19:18 - 2020-10-03 16:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-10 19:18 - 2020-10-03 16:31 - 005118888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-10 19:18 - 2020-10-03 16:31 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-10 19:18 - 2018-06-14 09:42 - 000000000 ____D C:\ProgramData\AVAST Software
2022-08-10 19:17 - 2019-12-07 11:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-08-10 19:17 - 2019-12-07 11:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-10 19:17 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-08-10 19:11 - 2020-09-24 00:18 - 000000000 ___DC C:\WINDOWS\Panther
2022-08-10 19:11 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-08-10 19:11 - 2018-09-08 16:09 - 000000000 ____D C:\Users\German\AppData\Local\CrashDumps
2022-08-10 18:45 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-10 18:43 - 2020-10-03 16:35 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-10 18:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-10 18:37 - 2018-06-15 15:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-10 18:35 - 2018-06-15 15:04 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-09 19:29 - 2018-06-14 09:20 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-09 14:04 - 2020-05-06 11:25 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-08-09 14:04 - 2020-05-06 11:25 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-08-09 14:04 - 2020-05-06 11:25 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-08-09 14:02 - 2020-12-30 17:35 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-08-09 13:58 - 2020-05-06 11:25 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-08-09 13:58 - 2020-05-06 11:24 - 000000000 ____D C:\Program Files\Malwarebytes
2022-08-08 14:50 - 2018-06-15 14:35 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-07 17:18 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-07 12:36 - 2020-06-07 19:59 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-07 12:36 - 2020-06-07 19:59 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-05 21:18 - 2022-06-27 11:48 - 000024528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-08-05 21:18 - 2021-12-22 18:49 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-08-05 21:18 - 2020-10-21 12:40 - 000275024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-08-05 21:18 - 2020-04-19 20:57 - 000553928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-08-05 21:18 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-08-05 21:18 - 2019-01-14 21:58 - 000389120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-08-05 21:18 - 2019-01-08 14:05 - 000258048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-08-05 21:18 - 2019-01-08 14:05 - 000104960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-08-05 21:18 - 2019-01-08 14:05 - 000041832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-08-05 21:18 - 2018-11-01 14:20 - 000047976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000859872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000670776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000324840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000235576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000113968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000089032 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-08-02 17:24 - 2021-01-27 22:44 - 000000000 ____D C:\Users\German\AppData\Roaming\EasyAntiCheat
2022-07-27 11:49 - 2018-06-15 14:41 - 000000000 ____D C:\Users\German\AppData\Local\Adobe
2022-07-19 18:44 - 2022-01-24 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2022-07-19 18:44 - 2020-03-13 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-07-19 18:44 - 2020-03-13 12:25 - 000000000 ____D C:\Program Files (x86)\Java
2022-07-19 18:43 - 2020-03-13 12:25 - 000168144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-07-18 21:12 - 2018-07-12 19:13 - 000000000 ____D C:\Users\German\AppData\Local\Warframe
2022-07-18 19:48 - 2020-03-10 22:17 - 000000000 ____D C:\Users\German\AppData\Local\Battle.net
2022-07-18 19:46 - 2022-06-09 16:21 - 000000000 ____D C:\ProgramData\Battle.net_components
2022-07-16 21:11 - 2020-10-03 16:32 - 000000000 ____D C:\Users\German
2022-07-16 21:01 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-07-16 21:01 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-16 21:01 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-16 21:01 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-07-16 21:01 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-07-16 21:01 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

==================== Archivos en la raíz de algunos directorios ========

2018-06-21 21:28 - 2022-02-05 22:01 - 000000132 _____ () C:\Users\German\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2020-10-10 14:34 - 2021-06-10 19:00 - 000001456 _____ () C:\Users\German\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2020-07-05 17:03 - 2020-07-05 17:03 - 000000000 _____ () C:\Users\German\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 04-08-2022
Ejecutado por German (12-08-2022 19:07:31)
Ejecutado desde C:\Users\German\Desktop
Microsoft Windows 10 Pro Versión 21H1 19043.1889 (X64) (2020-10-03 19:36:35)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-60943599-1268960206-3839154373-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-60943599-1268960206-3839154373-503 - Limited - Disabled)
German (S-1-5-21-60943599-1268960206-3839154373-1001 - Administrator - Enabled) => C:\Users\German
Invitado (S-1-5-21-60943599-1268960206-3839154373-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-60943599-1268960206-3839154373-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe CS6 Design and Web Premium (HKLM-x32\...\{402F6F2E-5683-491C-977D-0CA599A07CAF}) (Version: 6 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.0.0.11 - Adobe Inc.)
Apache NetBeans IDE 12.6 (HKLM\...\nbi-nb-all-12.6.0.0.211122) (Version: 12.6 - Apache NetBeans)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.7.6025 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Blasphemous (HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Blasphemous) (Version:  - HOODLUM)
CCleaner (HKLM\...\CCleaner) (Version: 6.02 - Piriform)
CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Comprobación de estado de PC Windows (HKLM\...\{8B474A92-CE3A-4F46-B6F1-6DFA1390F826}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Discord (HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.81 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Video Support Plugin (HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1037 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{64935D7A-15D0-4F19-A39D-F9F0FF2763C2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E3AB7309-76C8-481D-BBAF-FA0F451709AA}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Network Connections 22.4.16.0 (HKLM\...\{00751608-84BC-4420-A51E-FDA884C1DEA9}) (Version: 22.4.16.0 - Intel) Hidden
Intel(R) Network Connections 22.4.16.0 (HKLM\...\PROSetDX) (Version: 22.4.16.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.8.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{E99EAEDE-3206-45F1-89A4-CDB40E5AAEC9}) (Version: 15.8.1.1007 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client (HKLM\...\{F6AA7E43-41A4-4304-BA96-A495C5788231}) (Version: 1.45.447.1 - Intel Corporation) Hidden
Java 8 Update 341 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Java(TM) SE Development Kit 17.0.2 (64-bit) (HKLM\...\{65BA81E7-0238-5B54-9069-A59610247B0B}) (Version: 17.0.2.0 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.12.204 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.12.204 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.47 - Microsoft Corporation)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.15427.20194 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{6EC872A5-236B-439D-8726-0F62A898CE44}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{124E5892-DF9C-4ADE-A323-117D2E9D57D6}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{e6edaf4d-f9a1-4023-be00-d6189343feb9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
MSVCRT Redists (HKLM\...\{3BFC9CAE-091D-11E4-886A-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
NVIDIA Controlador de audio HD 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 516.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.59 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PlanetSide 2 (HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8210 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
Revo Uninstaller 2.3.9 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.9 - VS Revo Group, Ltd.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Spotify) (Version: 1.1.91.824.g07f1e963 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unity (HKLM-x32\...\Unity) (Version: 2020.3.16f1 - Unity Technologies ApS)
Unity Hub 2.4.5 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.4.5 - Unity Technologies Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Vegas Pro 13.0 (64-bit) (HKLM\...\{3934F12E-091D-11E4-A0AD-F04DA23A5C58}) (Version: 13.0.373 - Sony)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version:  - )
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.748 - McAfee, LLC)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.47 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
XSplit Broadcaster (HKLM-x32\...\{306BF455-B199-433A-9217-7E80CE1B7683}) (Version: 2.8.1607.1944 - SplitmediaLabs)
ZeroTier One (HKLM-x32\...\{80CEE5C9-4DF0-43F5-B232-484D6455978E}) (Version: 1.4.6 - ZeroTier, Inc.) Hidden
ZeroTier One (HKLM-x32\...\ZeroTier One 1.4.6) (Version: 1.4.6 - ZeroTier, Inc.)
ZeroTier One Virtual Network Port (HKLM\...\{4AFE4740-C680-40FE-B6B0-0C15EB0176F1}) (Version: 1.0.0 - ZeroTier) Hidden

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.11.265.0_x64__rz1tebttyb220 [2021-12-10] (Dolby Laboratories)
Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-26] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-10] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-06-30] (NVIDIA Corp.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-60943599-1268960206-3839154373-1001_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\German\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-60943599-1268960206-3839154373-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\German\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-60943599-1268960206-3839154373-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\German\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-08-05] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-08-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-08-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-08-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-09] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\nvshext.dll [2022-06-24] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-08-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-09] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2020-04-19 09:34 - 2020-04-19 09:34 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-19 09:34 - 2020-04-19 09:34 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-07-22 18:39 - 2021-07-22 18:39 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-07-22 18:39 - 2021-07-22 18:39 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\ssleay32.dll
2021-07-22 18:39 - 2021-07-22 18:39 - 001611264 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-08-11 17:04 - 2021-07-22 18:39 - 005487104 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-08-11 17:04 - 2021-07-22 18:39 - 005841920 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-08-11 17:04 - 2021-07-22 18:39 - 001179136 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-08-11 17:04 - 2021-07-22 18:39 - 000146432 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-08-11 17:04 - 2021-07-22 18:39 - 005089792 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-08-11 17:04 - 2021-07-22 18:39 - 000184832 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\Users\German:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log:F107EE40EF [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log_backup1:2DD1EC5C91 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log:CCC93B07B0 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log_backup1:AD433BF298 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log_backup1:97A90964FA [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log:C40F6B9209 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log_backup1:7CC29836A6 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log:AE3C879266 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log:DE1448F4D7 [2498]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [2498]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk:21661D084B [2498]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [2498]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\ssv.dll [2022-07-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-07-19] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2018-04-11 20:38 - 2019-01-04 20:50 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ZeroTier\One\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;D:\Oracle\bin;
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\German\Desktop\space wallpaper (1).jpeg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\StartupApproved\Run: => "Chromium"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{571F2880-40F1-45A3-AE2B-0F7879FFF93B}] => (Allow) D:\Steam\steamapps\common\Raft\Raft.exe () [Archivo no firmado]
FirewallRules: [{69FFA7CF-0D23-4B5B-85F6-C9530693DDF4}] => (Allow) D:\Steam\steamapps\common\Raft\Raft.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{AD1912A4-6E42-4822-B0F5-F94364C144D6}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [TCP Query User{92B4661B-B5D8-448E-B011-8E32CF4E1FEF}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{01140DDF-044A-4A20-AD87-2B2E885F666D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{71CBB0AC-226D-4BF6-9D63-515E6A625B5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{926B03B8-C740-4C16-B9A0-511FF350E4F4}C:\users\german\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\german\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{810403E7-9089-4F4C-A5EA-9D7E727C1C45}C:\users\german\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\german\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E580B576-A371-438B-8541-88A1C63AD3CD}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )
FirewallRules: [{83D40EE7-49F3-4408-9C50-A123A51D0E5A}] => (Allow) LPort=9993
FirewallRules: [{C604D978-E781-4F18-9754-3F95F4B5900B}] => (Allow) LPort=9993
FirewallRules: [UDP Query User{A8A024F9-481B-453C-AEAB-1C3091962680}D:\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) D:\steam\steamapps\common\7 days to die\7daystodie.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{310A062B-A775-4B3A-9D25-FCE19341EF32}D:\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) D:\steam\steamapps\common\7 days to die\7daystodie.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{2DC73C56-F814-45C4-B20E-BFBFB3FE3634}C:\users\german\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\german\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{15E56704-48A2-4F46-A532-871320417427}C:\users\german\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\german\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{F2664A42-4E48-4CA0-A3E1-E087036416B6}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5FF1A404-6AFE-4F7F-9F6D-7BA18FF50AC9}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{829CAB0E-BCC8-4775-8026-DD5EF447CFC1}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{71A45D53-55DC-483A-84AD-BA396B345595}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{83902D6E-E3FF-4113-A875-557F9FBF72E2}D:\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5F510FE0-3F65-4C99-812A-E65F51679E5D}D:\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{56A40F0D-EEDA-4D7F-A96E-3CD009573BC9}] => (Block) D:\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{9755D2AD-789F-4ED8-BAB2-ECDF67AC9DF0}] => (Block) D:\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{24F8145F-79D4-4F44-BBE4-1700DEA5EDF9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27F12D45-5842-47F5-A266-716E9147DF3A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{55C5C92A-0F34-40D6-A987-D8FDF3935998}C:\users\german\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\german\appdata\roaming\utorrent\utorrent.exe => Ningún archivo
FirewallRules: [UDP Query User{AB023C28-6D88-4012-9465-4B1FF6A0FE8E}C:\users\german\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\german\appdata\roaming\utorrent\utorrent.exe => Ningún archivo
FirewallRules: [{615BD4C5-7200-4CAF-89FC-D0A813628244}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> ) [Archivo no firmado]
FirewallRules: [{61F89D27-2D36-4925-834E-8CDC9EE26740}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> ) [Archivo no firmado]
FirewallRules: [{9F4AB368-4CB4-4A15-AD11-8D00FD8CA249}] => (Allow) D:\Steam\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe (Flying Wild Hog) [Archivo no firmado]
FirewallRules: [{EC704291-5DC2-4646-ABFB-51C06BDFDBBA}] => (Allow) D:\Steam\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe (Flying Wild Hog) [Archivo no firmado]
FirewallRules: [TCP Query User{4B61C96B-CFC5-4404-BAD2-8FDC4871ADE8}C:\users\german\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\german\appdata\roaming\utorrent\utorrent.exe => Ningún archivo
FirewallRules: [UDP Query User{5E638672-88B7-43B9-850D-7363032D5B7C}C:\users\german\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\german\appdata\roaming\utorrent\utorrent.exe => Ningún archivo
FirewallRules: [{F26D3A23-9324-4D92-97CF-0BCFCCFC3D24}] => (Allow) D:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Archivo no firmado]
FirewallRules: [{B8718560-06B5-485C-812A-B0CEBC731070}] => (Allow) D:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{D825632A-3ADB-471A-87E2-D7A697E61A68}D:\steam\steamapps\common\undead legacy\7daystodie.exe] => (Allow) D:\steam\steamapps\common\undead legacy\7daystodie.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{07294366-43E5-4432-92ED-8BEB577F3E03}D:\steam\steamapps\common\undead legacy\7daystodie.exe] => (Allow) D:\steam\steamapps\common\undead legacy\7daystodie.exe () [Archivo no firmado]
FirewallRules: [{0C71BC83-BDBA-4AAB-AA50-60ECA5185F2D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{45ECEA0F-825A-4862-A98B-FA9A79A0E67C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{C675B21F-3A65-48EE-802A-4C962D37F0E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{0CC01A4F-A5EC-4FEE-9DEE-E09547F8B8E5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A9B64832-247A-4DB0-8FF9-E6BC58BFB531}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{8D050710-9754-44B0-B7ED-12034533C6AF}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{0A274B02-BCF0-4044-ACF2-383B8084E272}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{05E2F511-88F7-463A-B5F1-9ACA881339ED}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Archivo no firmado]
FirewallRules: [{AC1346A5-8832-4061-B07B-EBA90A062506}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{97FD9B9C-6FFC-4B22-9D27-BFF5979942A1}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{9A1DE049-FE7A-4210-8C3B-825E70DEA627}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{FBA5C96C-F201-46C6-AD6C-A4D4874DC18E}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{985C749B-A856-44DB-82A2-29BB00135B85}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{C4C11EED-5D02-4200-8615-22FEA693612F}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{D76DA85B-9FAB-42D5-B775-C4B965E63F06}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{BAF34FF3-A94F-4867-8AED-B181A5ADE0D4}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{769BDF33-E89D-4C13-805E-4CF1C05DD336}] => (Allow) D:\Unity\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{EB6C4142-B10A-4B32-98A5-829D83308379}D:\unity\unity hub\unity hub.exe] => (Allow) D:\unity\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{37B069D5-6020-40F3-A3A1-1B605678B0A1}D:\unity\unity hub\unity hub.exe] => (Allow) D:\unity\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{45BD5963-77F1-4007-8384-76CA413ACC69}] => (Allow) D:\Unity Instalado\2020.3.16f1\Editor\Unity.exe (Unity Technologies ApS -> Unity Technologies ApS)
FirewallRules: [{274D1599-04D3-4207-82A1-39179649191C}] => (Block) D:\Unity Instalado\2020.3.16f1\Editor\Unity.exe (Unity Technologies ApS -> Unity Technologies ApS)
FirewallRules: [TCP Query User{6A9F7D2B-9D3A-4B70-BD4F-ACFE3570C0EE}D:\unity instalado\2020.3.16f1\editor\data\tools\nodejs\node.exe] => (Allow) D:\unity instalado\2020.3.16f1\editor\data\tools\nodejs\node.exe (Node.js Foundation -> Node.js) [Archivo no firmado]
FirewallRules: [UDP Query User{315D754C-4216-4295-9F50-DCD9D9687B0E}D:\unity instalado\2020.3.16f1\editor\data\tools\nodejs\node.exe] => (Allow) D:\unity instalado\2020.3.16f1\editor\data\tools\nodejs\node.exe (Node.js Foundation -> Node.js) [Archivo no firmado]
FirewallRules: [{E011E85C-C619-4E8E-8127-03C305FEE436}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E7C855EC-E808-4EC1-A455-331620B872A5}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FCA7E1DD-B62D-4525-A181-F81DCB01A450}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{DD3DC22F-FCDC-425C-BAF0-655FDD25C7C9}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{1B4FA70B-69EA-4B10-8E2E-4747728AA83C}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{116BB929-80D9-4068-A2C6-6C8CA33607C5}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A0A44B73-0EAE-419D-91CB-6980A239097B}] => (Allow) D:\Steam\steamapps\common\ChildrenOfMorta\ChildrenOfMorta.exe () [Archivo no firmado]
FirewallRules: [{E32F9847-9EC7-453D-AD63-B2E647415DF0}] => (Allow) D:\Steam\steamapps\common\ChildrenOfMorta\ChildrenOfMorta.exe () [Archivo no firmado]
FirewallRules: [{3B4FBCD4-09B7-4750-9640-7A4C67E94086}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{96111C9C-720C-4507-A80D-24710A0A0EE0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D973A780-D061-422A-8A8F-F1FA7A209051}] => (Allow) D:\Steam\steamapps\common\The Last Stand Aftermath\TLSA.exe () [Archivo no firmado]
FirewallRules: [{01E9CB5F-329B-4764-B5FC-C4238E3101B9}] => (Allow) D:\Steam\steamapps\common\The Last Stand Aftermath\TLSA.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{399DEA17-FA1B-4260-8F2E-F4E3FE79C9CA}D:\eclipse\eclipse\eclipse.exe] => (Allow) D:\eclipse\eclipse\eclipse.exe (Eclipse.org Foundation, Inc. -> )
FirewallRules: [UDP Query User{9A32F802-8EE1-49EC-AB24-B6076FAB9C21}D:\eclipse\eclipse\eclipse.exe] => (Allow) D:\eclipse\eclipse\eclipse.exe (Eclipse.org Foundation, Inc. -> )
FirewallRules: [{E4973DA6-5B65-4533-B666-8D9182DE4FE4}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E1084831-51AC-495D-8032-EE9A9AB7F4F4}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C70FCAA4-1DA4-4D81-9502-657B9BF22FBF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{83A0BCEC-9C3D-4001-98F0-684BCAA7CADD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{121EEAC0-A6CD-4DA4-B568-C859E5660A92}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BF2688E6-2092-4362-9AFF-27F9D164A451}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{203BE8AB-2C0C-4C54-966A-764FF8AE093A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DCA05985-9482-4C76-BFCA-78E0009DE011}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{14DA49B2-2A4C-4CEF-8798-AC71A319EAC6}D:\juegos epic\riseofthetombraider\rottr.exe] => (Allow) D:\juegos epic\riseofthetombraider\rottr.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [UDP Query User{53106983-8E8D-4557-A80E-8B212547ED0D}D:\juegos epic\riseofthetombraider\rottr.exe] => (Allow) D:\juegos epic\riseofthetombraider\rottr.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{6B510754-F06B-4A15-9A5F-E06CE60E77AE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7AB1254C-55B1-4B84-9884-A7E88242009C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9AA6C0E-1D32-4065-9462-BAD29202497D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6CBF2FAB-4F60-48ED-91CF-EF5A41AF357C}D:\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{0CFB7EFD-1A30-4045-9B0C-918DAB0A68D6}D:\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{44EB0AFB-BBDE-42C8-A7CB-63B3F2FDE622}] => (Allow) D:\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [{92D7E2E0-6865-4333-85A3-479CC0BD0480}] => (Allow) D:\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [{69BD2FEB-9FD8-42CE-83D9-05966E4673B2}] => (Allow) D:\Steam\steamapps\common\GenerationZero\GenerationZero_F.exe (Fatalist Development AB -> )
FirewallRules: [{4FD678E9-C2FF-44D1-9180-DA9FFDB508A4}] => (Allow) D:\Steam\steamapps\common\GenerationZero\GenerationZero_F.exe (Fatalist Development AB -> )
FirewallRules: [{1FA1BAD3-500F-4DAD-A41C-923283DB7302}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{528CC6A5-FA04-4BD2-83D3-F2E7C91518E7}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4083B819-8689-42B4-B399-2E6B01AD4D46}] => (Allow) D:\Steam\steamapps\common\Ultimate Doom\rerelease\DOOM.exe () [Archivo no firmado]
FirewallRules: [{AD437A86-99E8-4A79-A17A-D160BE31CF81}] => (Allow) D:\Steam\steamapps\common\Ultimate Doom\rerelease\DOOM.exe () [Archivo no firmado]
FirewallRules: [{D3328219-35E4-4063-95ED-19B30D8E033B}] => (Allow) D:\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{73D43F80-6640-48EE-BC0C-32EB702525FA}] => (Allow) D:\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [Archivo no firmado]
FirewallRules: [{53DFE8DB-A05F-411E-8CE0-34CCCD09280F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B0107B0A-F084-448D-83A4-625C7CCC5A0A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{00E49A70-DE6E-416F-9051-B2FBB389287C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4CA6ADF6-F823-4834-9AAC-85D54FD2F453}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CEF9648D-9B2C-4670-8F1D-945D7BA94AD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{622AB1F3-891A-4295-A0AF-FB1A83659600}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{54CE8BD3-EAE8-4DE8-BC8A-5AB931C70DB8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{40898213-E751-4B71-BEA3-766D57EB89A8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{022FF297-D248-428D-B7C6-DC4E99849C4B}D:\juegos epic\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\juegos epic\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [UDP Query User{15F5DB53-4CCA-43EC-8583-D1CC1F715E68}D:\juegos epic\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\juegos epic\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{7BE441B9-1476-400A-833E-19FF34A3369F}] => (Allow) D:\Steam\steamapps\common\Remorse The List\Remorse.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{7B5653B7-28FD-45F6-910D-A6ACD5F50C4F}] => (Allow) D:\Steam\steamapps\common\Remorse The List\Remorse.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{90E8C548-F2CD-4780-BD47-ADAE00EB8BEC}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{7C9023A6-968B-4937-B97D-D162C0CB2661}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{DA73331C-5BEF-4EAC-9506-FEDD882930AD}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\AdvGuide\ELDEN RING Adventure Guide.exe () [Archivo no firmado]
FirewallRules: [{7FB39A9E-DC47-4183-80D7-A6C0410708CF}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\AdvGuide\ELDEN RING Adventure Guide.exe () [Archivo no firmado]
FirewallRules: [{1E1B52E0-3259-4B0F-96EE-120A74C47E39}] => (Allow) D:\Steam\steamapps\common\Blood West\Blood West.exe () [Archivo no firmado]
FirewallRules: [{F6A9783C-E7A4-444C-91BD-58C1BC8137EA}] => (Allow) D:\Steam\steamapps\common\Blood West\Blood West.exe () [Archivo no firmado]
FirewallRules: [{6BBAA021-FC71-4DBB-9259-74AA97ED397E}] => (Allow) D:\Steam\steamapps\common\Undying\Undying.exe () [Archivo no firmado]
FirewallRules: [{08CCB185-0671-4038-A84E-9064031F6E43}] => (Allow) D:\Steam\steamapps\common\Undying\Undying.exe () [Archivo no firmado]
FirewallRules: [{85030F62-0A0F-4CA0-BB03-D14E81475633}] => (Allow) D:\Steam\steamapps\common\Forgive me Father\FMF.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{DB8F9D8B-21AD-4AAE-B9EA-059BBF05AE4E}] => (Allow) D:\Steam\steamapps\common\Forgive me Father\FMF.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{3423EE9B-6F6D-45DA-86C6-6548A8C1D4EC}] => (Allow) D:\Steam\steamapps\common\Heaven Dust 2\HeavenDust2.exe () [Archivo no firmado]
FirewallRules: [{9DF751C3-5A8A-4BD6-92A6-122C314DB156}] => (Allow) D:\Steam\steamapps\common\Heaven Dust 2\HeavenDust2.exe () [Archivo no firmado]
FirewallRules: [{4000F263-3EAB-4BEF-A4C0-D0B49AF60770}] => (Allow) D:\Steam\steamapps\common\Squad\squad_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{4E6439D3-B34C-4217-B575-73ADB54A0E6B}] => (Allow) D:\Steam\steamapps\common\Squad\squad_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{2B3A3F12-689D-4A79-B1BB-D3C0A094A8A0}D:\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) D:\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe (Offworld Industries -> Offworld Industries Ltd.)
FirewallRules: [UDP Query User{0AAF52D4-632A-4A2B-A93E-F9B28FA9EF52}D:\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) D:\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe (Offworld Industries -> Offworld Industries Ltd.)
FirewallRules: [{7E4B2747-E12A-44AA-A15D-002A7A185772}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5346C919-3F9C-4C51-A003-DA9AD68736F7}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{35451009-4DA8-4B97-951D-7C951D71E71B}] => (Allow) D:\Steam\steamapps\common\Eternal Evil\EternalEvil.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{A8CC1C89-5A43-450D-AA17-EBE76BF89066}] => (Allow) D:\Steam\steamapps\common\Eternal Evil\EternalEvil.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{642C7FD7-38B3-451D-97E5-1246118F8FEE}] => (Allow) D:\Steam\steamapps\common\Hell Let Loose\Launch_HLL.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{FE60EBBD-B035-477F-A3AB-4A30133BE610}] => (Allow) D:\Steam\steamapps\common\Hell Let Loose\Launch_HLL.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{50C7E47C-450E-4604-B45D-979038DA3CC0}D:\steam\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [Archivo no firmado]
FirewallRules: [UDP Query User{91898906-CB25-475F-AA8B-31499650423F}D:\steam\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [Archivo no firmado]
FirewallRules: [{483C4F75-253F-4458-A3EE-AB4A1AB8E93B}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{911F6E4C-FA81-428E-ABB5-A1B5431DF172}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{21E98A07-862D-458C-9098-196D0B7424F9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D5C2CB8-BDFD-404F-AF50-57AD1096D97C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{87F5ECCC-7D53-436C-82A6-F4FB551AD354}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )
FirewallRules: [{DA1147EE-AFD5-4800-A7FB-D1EBEF2D98E4}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )
FirewallRules: [UDP Query User{E830B09A-B81B-4E64-A404-0DFEDCC00338}D:\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{102B2BFA-4752-435D-B7C6-9178986D9639}D:\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{4FBB05A4-7554-4BB0-BD5D-5EBF7EFE44B8}D:\among us\among us 2020.9.1\among us.exe] => (Allow) D:\among us\among us 2020.9.1\among us.exe => Ningún archivo
FirewallRules: [TCP Query User{A1609C15-EA89-4ECE-9D0C-26568E2FCC48}D:\among us\among us 2020.9.1\among us.exe] => (Allow) D:\among us\among us 2020.9.1\among us.exe => Ningún archivo
FirewallRules: [UDP Query User{5EDD7AB9-49B6-4782-8D75-F21D6218B50D}D:\remnant\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\remnant\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{70BB7A01-F9B9-426C-8B81-14F2B9FCB85C}D:\remnant\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\remnant\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{59BED441-06AF-48E3-AA7E-250F151239A7}D:\steam\steamapps\common\goat of duty\goatofduty\binaries\win64\goatofduty-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\goat of duty\goatofduty\binaries\win64\goatofduty-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{202066BA-E7A2-4F7D-AFB5-79CE0A9B5E4F}D:\steam\steamapps\common\goat of duty\goatofduty\binaries\win64\goatofduty-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\goat of duty\goatofduty\binaries\win64\goatofduty-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{ABB3DD9B-F1C7-4A58-AD50-F93A30658628}D:\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\cod warzone\call of duty modern warfare\modernwarfare.exe => Ningún archivo
FirewallRules: [TCP Query User{4A2AA3AB-360C-4F99-A806-E49F3E50B768}D:\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\cod warzone\call of duty modern warfare\modernwarfare.exe => Ningún archivo
FirewallRules: [UDP Query User{B19D5D7C-CD08-40AB-B6EF-D61909BDF810}D:\steam\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{33B325E4-6A4A-47AD-BD55-84D1B6A88DE9}D:\steam\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe => Ningún archivo
FirewallRules: [{49E041FC-1ED5-48FB-B15A-B24E10EE2B47}] => (Allow) D:\Steam\steamapps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe => Ningún archivo
FirewallRules: [{844E4F22-8776-459D-9AB3-F01D6DE8668D}] => (Allow) D:\Steam\steamapps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe => Ningún archivo
FirewallRules: [UDP Query User{FD945848-7D23-472D-BB33-6D4ED3F08B01}D:\steam\steamapps\common\chernobylite\chernobylgame\binaries\win64\chernobylgame-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\chernobylite\chernobylgame\binaries\win64\chernobylgame-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{10F964FF-473A-4725-8464-7CB784B8FEBC}D:\steam\steamapps\common\chernobylite\chernobylgame\binaries\win64\chernobylgame-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\chernobylite\chernobylgame\binaries\win64\chernobylgame-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{1BE80B67-C5E7-4003-B663-17BF8D321840}D:\baba yaga\yaga\yaga.exe] => (Allow) D:\baba yaga\yaga\yaga.exe => Ningún archivo
FirewallRules: [TCP Query User{19B03550-3C12-41B7-9EA2-F0CD02F1DBD4}D:\baba yaga\yaga\yaga.exe] => (Allow) D:\baba yaga\yaga\yaga.exe => Ningún archivo
FirewallRules: [UDP Query User{658B537B-8A95-4907-A288-2BF945E677FF}D:\diablo 2\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe] => (Allow) D:\diablo 2\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe => Ningún archivo
FirewallRules: [TCP Query User{436395BB-3E57-48B3-82E0-7D58B302C9FE}D:\diablo 2\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe] => (Allow) D:\diablo 2\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe => Ningún archivo
FirewallRules: [{8E050916-BD6D-489B-8E4C-42D850E59F8E}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => Ningún archivo
FirewallRules: [{640BC32E-FAA8-44ED-B550-C5AD5A1FF2DD}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => Ningún archivo
FirewallRules: [TCP Query User{00ADB795-03A5-4C59-BD0C-719C187F5F40}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{2634B772-88DE-40E7-8963-1A183B5ED433}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => Ningún archivo
FirewallRules: [{F79AB733-CEBD-4B5A-A900-2F8604495272}] => (Allow) D:\Escape from Tarkov\BsgLauncher\BsgLauncher.exe => Ningún archivo
FirewallRules: [{5DB16D29-939F-41A5-AB63-D4F0EE7BFD28}] => (Allow) D:\Escape from Tarkov\BsgLauncher\BsgLauncher.exe => Ningún archivo
FirewallRules: [TCP Query User{EDD40E63-EB57-404F-9036-77C9ACDCE0A1}D:\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) D:\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe => Ningún archivo
FirewallRules: [UDP Query User{AF26E0C5-49A6-44C9-842E-9CC6EFB6CB1C}D:\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) D:\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe => Ningún archivo
FirewallRules: [TCP Query User{543C160B-7063-4006-B048-0C7E669D2213}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Ningún archivo
FirewallRules: [UDP Query User{35701FDD-A4A0-4145-817E-EBB4F850F562}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Ningún archivo
FirewallRules: [TCP Query User{9CC1DB5A-D19E-4053-8912-0DF4B5F54F63}D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe => Ningún archivo
FirewallRules: [UDP Query User{DB3FC385-BAA6-4E02-8980-D485632213CA}D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe => Ningún archivo
FirewallRules: [TCP Query User{2542E070-8492-4C3D-A136-53F5092236B8}D:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2_x64.exe => Ningún archivo
FirewallRules: [UDP Query User{7F1EA174-A9F3-41BE-B6D1-CD79FC3452A6}D:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2_x64.exe => Ningún archivo
FirewallRules: [TCP Query User{68D3AD29-88B3-4E7E-8C4B-1C96F9A88F2C}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [UDP Query User{9437B0AD-8EB9-445C-A08D-E19D396196F2}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [TCP Query User{5044C501-23C5-433B-900F-EECCAFAE9157}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe => Ningún archivo
FirewallRules: [UDP Query User{023DAD90-5CB8-4AC1-95B1-3E53269A980A}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe => Ningún archivo
FirewallRules: [TCP Query User{0DC68BFB-851B-4577-BC7B-73660457DF08}D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{C21E6849-2071-4639-B46B-8862A990C396}D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{57774A71-AE9B-4024-9B4F-592C5B324B1A}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{102DCDBE-2A19-4099-AFC0-50CD031EB555}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{FE32E484-2ACF-42EB-8C99-AE8392888275}D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe => Ningún archivo
FirewallRules: [UDP Query User{06C2347E-E6E3-493B-AE4C-FA8C0B00F790}D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe => Ningún archivo
FirewallRules: [TCP Query User{4EBA6AD8-3FF9-4AFB-9BB3-632690F687C0}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Ningún archivo
FirewallRules: [UDP Query User{6C0EF96F-EDC9-4A57-B88B-C62CB99A1A39}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Ningún archivo
FirewallRules: [TCP Query User{DC7B0C7D-2941-4146-963B-58C60AFC12F1}D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{391BA239-945C-44FC-908D-63F5906272D4}D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{515F67CD-A391-4ED8-A0E7-EF17404683AD}D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe] => (Allow) D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe => Ningún archivo
FirewallRules: [UDP Query User{2D0EC506-ADBB-4F01-94D1-F92A515BC56A}D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe] => (Allow) D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe => Ningún archivo
FirewallRules: [TCP Query User{5FE7BAFE-0498-4019-A952-752E16F6B8D2}D:\the shore\the shore\theisland\binaries\win64\theisland.exe] => (Allow) D:\the shore\the shore\theisland\binaries\win64\theisland.exe => Ningún archivo
FirewallRules: [UDP Query User{DD5B8479-2F85-4D8D-A612-44071965D938}D:\the shore\the shore\theisland\binaries\win64\theisland.exe] => (Allow) D:\the shore\the shore\theisland\binaries\win64\theisland.exe => Ningún archivo
FirewallRules: [TCP Query User{2B7AFCB0-F0C2-499A-B4CF-92AF0A7E0583}D:\enlisted\enlisted\launcher.exe] => (Allow) D:\enlisted\enlisted\launcher.exe => Ningún archivo
FirewallRules: [UDP Query User{0E26494E-2A21-431C-AFDA-2C511834AE4C}D:\enlisted\enlisted\launcher.exe] => (Allow) D:\enlisted\enlisted\launcher.exe => Ningún archivo
FirewallRules: [TCP Query User{9B07076B-FA4A-4F1C-8CA5-B791707CD487}D:\enlisted\enlisted\win64\enlisted.exe] => (Allow) D:\enlisted\enlisted\win64\enlisted.exe => Ningún archivo
FirewallRules: [UDP Query User{BCF1B678-0072-47AE-BCDE-96FD81791745}D:\enlisted\enlisted\win64\enlisted.exe] => (Allow) D:\enlisted\enlisted\win64\enlisted.exe => Ningún archivo
FirewallRules: [TCP Query User{7CD5FF9D-FCD6-426D-A632-EC854C664694}D:\remnant\overcooked2\overcooked2.exe] => (Allow) D:\remnant\overcooked2\overcooked2.exe => Ningún archivo
FirewallRules: [UDP Query User{5EF0DE2F-1E04-4040-9A05-99BAF7262BFE}D:\remnant\overcooked2\overcooked2.exe] => (Allow) D:\remnant\overcooked2\overcooked2.exe => Ningún archivo
FirewallRules: [TCP Query User{8CCA4B11-A19A-461C-A678-950B18ED0248}D:\steam\steamapps\common\battlefield 4\bf4.exe] => (Allow) D:\steam\steamapps\common\battlefield 4\bf4.exe => Ningún archivo
FirewallRules: [UDP Query User{51878D86-AB04-4899-84D0-3B00E69FFC8A}D:\steam\steamapps\common\battlefield 4\bf4.exe] => (Allow) D:\steam\steamapps\common\battlefield 4\bf4.exe => Ningún archivo
FirewallRules: [TCP Query User{601509DA-A21A-43EA-B09B-5D67F76871E5}D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{8744001A-F20A-429D-9023-DEF855F0E69D}D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{F12DD89E-AC07-4428-BEF4-6A211F897859}D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe] => (Allow) D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe => Ningún archivo
FirewallRules: [UDP Query User{DB51B871-FD06-46A9-89C4-2BE020E111F4}D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe] => (Allow) D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe => Ningún archivo
FirewallRules: [TCP Query User{F510D060-C5D2-4029-8BD2-2E2CF933EA8D}D:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) D:\steam\steamapps\common\battlefield 2042\bf2042.exe => Ningún archivo
FirewallRules: [UDP Query User{E8058751-269B-40FA-80D0-4B7A12809756}D:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) D:\steam\steamapps\common\battlefield 2042\bf2042.exe => Ningún archivo
FirewallRules: [{52875699-6D78-49B9-8227-699C2C531DA9}] => (Allow) D:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Ningún archivo
FirewallRules: [{BADFF65C-A01E-4F87-859A-3FCC08ADE6D7}] => (Allow) D:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Ningún archivo
FirewallRules: [TCP Query User{813122F4-BA62-4251-BAE8-5B3E0152D214}D:\juegos epic\secondextinction\secondextinctioneos.exe] => (Allow) D:\juegos epic\secondextinction\secondextinctioneos.exe => Ningún archivo
FirewallRules: [UDP Query User{B9182AB4-8F73-4091-8036-46BDB2DD6F94}D:\juegos epic\secondextinction\secondextinctioneos.exe] => (Allow) D:\juegos epic\secondextinction\secondextinctioneos.exe => Ningún archivo
FirewallRules: [{B129B496-BC8E-400E-B1AC-28FB6E853935}] => (Allow) D:\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe => Ningún archivo
FirewallRules: [{06C52D54-9520-4CB4-9E4A-D58544A1D57B}] => (Allow) D:\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe => Ningún archivo
FirewallRules: [{A287B231-2302-4978-A0FD-956DB03B9098}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Ningún archivo
FirewallRules: [{90FD0909-6AA2-4E63-9AC0-B4C218E3F113}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Ningún archivo
FirewallRules: [TCP Query User{0953E823-FE0A-428C-935D-E42A2296CB02}D:\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\valorant\riot games\riot client\riotclientservices.exe => Ningún archivo
FirewallRules: [UDP Query User{0CCF996B-1E82-469F-B6EC-48A31031DA1E}D:\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\valorant\riot games\riot client\riotclientservices.exe => Ningún archivo
FirewallRules: [{14007E37-DF4A-4B38-AB5B-687195FED331}] => (Allow) C:\Users\German\AppData\Local\Programs\Opera\79.0.4143.22\opera.exe => Ningún archivo

==================== Puntos de Restauración =========================

02-08-2022 15:15:47 Instalador de Módulos de Windows
09-08-2022 14:07:21 Revo Uninstaller's restore point - Altruistic
09-08-2022 14:14:23 Revo Uninstaller's restore point - Safer Web
09-08-2022 14:15:47 Revo Uninstaller's restore point - VPN by RAV
10-08-2022 18:37:47 Instalador de Módulos de Windows
10-08-2022 18:38:01 Instalador de Módulos de Windows
10-08-2022 18:39:06 Instalador de Módulos de Windows

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (08/12/2022 07:08:11 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2022-09-07T18:06:11Z. Código de error: 0x80070002.

Error: (08/12/2022 07:07:41 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2022-09-07T18:05:41Z. Código de error: 0x80070002.

Error: (08/12/2022 07:07:11 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2022-09-07T18:06:11Z. Código de error: 0x80070002.

Error: (08/12/2022 07:06:41 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2022-09-07T18:05:41Z. Código de error: 0x80070002.

Error: (08/12/2022 07:06:11 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2022-09-07T18:06:11Z. Código de error: 0x80070002.

Error: (08/12/2022 07:05:41 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2022-09-07T18:05:41Z. Código de error: 0x80070002.

Error: (08/12/2022 07:05:11 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2022-09-07T18:06:11Z. Código de error: 0x80070002.

Error: (08/12/2022 07:04:19 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2022-09-07T18:06:19Z. Código de error: 0x80070002.


Errores del sistema:
=============
Error: (08/11/2022 08:07:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de usuario de notificaciones de inserción de Windows_1d23105 terminó inesperadamente. Esto se ha repetido 2 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (08/11/2022 07:33:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de usuario de notificaciones de inserción de Windows_1d23105 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (08/11/2022 01:50:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (08/11/2022 01:50:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\German\AppData\Local\Temp\ehdrv.sys

Error: (08/11/2022 01:50:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (08/11/2022 01:50:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\German\AppData\Local\Temp\ehdrv.sys

Error: (08/11/2022 01:50:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (08/11/2022 01:50:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\German\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===============
Date: 2022-08-12 19:06:50
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2022-08-12 19:06:50
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-08-12 18:44:29
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\setup\uat_3080.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F6 10/31/2017
Placa base: Gigabyte Technology Co., Ltd. Z370 AORUS Ultra Gaming-CF
Procesador: Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz
Porcentaje de memoria en uso: 37%
RAM física total: 16329.61 MB
RAM física disponible: 10172.61 MB
Virtual total: 26569.61 MB
Virtual disponible: 18681.8 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:931 GB) (Free:363.16 GB) (Model: Samsung SSD 960 EVO 1TB) NTFS
Drive d: (ALMACENAMIENTO) (Fixed) (Total:1863.01 GB) (Free:1043.1 GB) (Model: WDC WD20EFRX-68EUZN0) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]

\\?\Volume{9b999f6f-0000-0000-0000-30c0e8000000}\ () (Fixed) (Total:0.51 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9B999F6F)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=520 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 9B999F6E)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Regarding the question about Malwarebytes: yes, I put everything in quarantine and it has stayed there. The malware still persists. :woozy_face:

Hi there, @Defcon.

First of all, sorry for taking so long to reply. I have been inactive on the forum for another stretch.

I know some time has passed.

Let's continue.

OK, perfect :+1:

Yes, of course, that makes sense. The way we ran FRST, nothing was actually changed on the machine; it only gathered information.

Now I'm going to generate the custom script for you to give the bugs a :coffin:.

Regards.

Hi again, @Defcon.

I have been reviewing the logs, and although I could already give you the script, I noticed :eyes: that the first log, FRST.txt, is missing its initial information header. As I said, I could send you the script now, but I would rather see it first, so please attach that header. It should be very similar or almost identical to this one (the one you have in Addition.txt):

Bring it to me and we'll continue.

Regards.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 15-08-2022
Ejecutado por German (administrador) sobre DESKTOP-1P52CJS (Gigabyte Technology Co., Ltd. Z370 AORUS Ultra Gaming) (22-08-2022 21:51:37)
Ejecutado desde C:\Users\German\Desktop
Perfiles cargados: German
Plataforma: Microsoft Windows 10 Pro Versión 21H1 19043.1889 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(D:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) D:\Epic Games\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(D:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) D:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\steam.exe
(Google Inc -> Google LLC) C:\Users\German\AppData\Local\Google\Update\GoogleUpdate.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(RuntimeBroker.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(services.exe ->) (Altruistic Software -> Altruistic Software) [Archivo no firmado] [El archivo está en uso] C:\ProgramData\Altruistic\Altruistic.exe <2>
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_47917a79b8c7fd22\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230816 2017-07-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-08-25] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213760 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Genshin Impact Beta_Launcher] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [Steam] => D:\Steam\steam.exe [4234600 2022-08-19] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [Chromium] => "c:\users\german\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session [828416 2017-01-20] (The Chromium Authors) [Archivo no firmado]
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [EpicGamesLauncher] => D:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32706512 2022-08-16] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [Google Update] => C:\Users\German\AppData\Local\Google\Update\1.3.36.132\GoogleUpdateCore.exe [227512 2022-05-01] (Google LLC -> Google LLC)
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [Spotify] => C:\Users\German\AppData\Roaming\Spotify\Spotify.exe [19842424 2022-08-22] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38274576 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\MountPoints2: {98647291-5750-11eb-8c34-e0d55e456318} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\MountPoints2: {ab07a6cb-910b-11ec-8c61-e0d55e456318} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\MountPoints2: {ab07a727-910b-11ec-8c61-e0d55e456318} - "F:\OnePlus_setup.exe" /s
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.81\Installer\chrmstp.exe [2022-08-09] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {08E57A87-C4D7-4DB2-BEAF-EFD21AD4B0A8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8406496 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {0961DAE7-DED5-4773-99FC-9C8B613DCCFA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\German\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-08-10] (ESET, spol. s r.o. -> ESET)
Task: {0A3613A7-95D2-42E6-AA73-7673D704BB2E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1378B69F-751B-44FD-BE82-551F44A4EE42} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {16B90B7E-5E26-4931-AC53-4349A8B5EDC6} - System32\Tasks\Opera scheduled Autoupdate 1660063611 => C:\Users\German\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
Task: {1A239259-6A9F-483A-9A76-7C3986D698B9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1AA58CC6-4270-46D8-BB88-D6C5EC39C055} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2056E232-E539-407F-924E-A59CE4E4166C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {2105C96E-CFAF-419D-BD3C-4F84B3950C78} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {259FF5D1-F3F1-4B40-9CC2-8C4D97B3B1ED} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {313260A2-4DFA-443E-88A0-AA54D5F72B4B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {35AC8DC8-7145-4B87-9389-07E11CCAA5D1} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B0F0E0E-FDB1-4343-8945-ADEE0B4B0EB7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8406496 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DFE0753-0B17-415E-82BE-6A640E53F376} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {3EC9A433-31D3-4198-AAAD-471EAC647804} - System32\Tasks\GoogleUpdateTaskMachineUA{D512FE4D-8749-4EE6-8F4D-699F6DBAFADD} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-06-14] (Google Inc -> Google Inc.)
Task: {5259CA7C-36B8-45DC-9D8B-E069B6FEBB03} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {55A38C33-41C0-4D87-A47D-CA5D6BC98164} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A45811A-7F97-4DDC-9436-D4574ECFC884} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60943599-1268960206-3839154373-1001Core{A69D28FF-D9AD-4837-B536-5995C0023926} => C:\Users\German\AppData\Local\Google\Update\GoogleUpdate.exe [155432 2019-10-18] (Google Inc -> Google LLC)
Task: {601AEE19-3061-4FA3-B324-3E1F3AA02EAF} - System32\Tasks\GoogleUpdateTaskMachineCore{9FFE43B8-07FF-4CB6-BE82-20AD366286AB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-06-14] (Google Inc -> Google Inc.)
Task: {7308BA47-DA68-4F86-AE92-66F60E99BAE3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-60943599-1268960206-3839154373-1001UA{6734A64C-C24E-4273-B22B-F70FDA5ED79C} => C:\Users\German\AppData\Local\Google\Update\GoogleUpdate.exe [155432 2019-10-18] (Google Inc -> Google LLC)
Task: {862B36F5-C75A-4AC6-B5CB-E58563F897F2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {88E73F95-C55D-442F-AA25-B9CA9C8CED6F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\German\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-08-10] (ESET, spol. s r.o. -> ESET)
Task: {9170571C-8176-4D6D-A814-B17187D80FEA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {B250AA17-3541-401D-8570-53D1DF308D2A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B8CA12CC-304E-4F2D-80E1-2C2D0C9D37B2} - System32\Tasks\CCleanerSkipUAC - German => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C89D421D-93DA-4F4A-AC10-6C6A5C0EF8D6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE0A407B-52AF-417C-B7FA-E7D079632F28} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E30816BB-E011-43AF-BDE8-60DE9255955A} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {E7544ACE-678E-486A-A81F-2968DB7231AC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4928768 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
Task: {FEDBE244-BABF-4619-BCA9-7AAA8F5C91D8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

AutoConfigURL: [{1A6B70D3-BF32-4E36-A637-7E2F9717EA9D}] => hxxp://127.0.0.1:86/ <==== ATENCIÓN
AutoConfigURL: [{F0CCE269-1B3D-421C-9114-DB70367A9782}] => hxxp://127.0.0.1:86/ <==== ATENCIÓN
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{746a57e3-000b-4a3c-bae2-7c05822a906b}: [DhcpNameServer] 186.130.128.250 186.130.129.250

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\German\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-17]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\German\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-08-12]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Archivo no firmado]
FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\German\AppData\Local\Google\Chrome\User Data\Default [2022-08-22]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-06-24]
CHR Extension: (Steamcito: Steam con impuestos Argentina 2022) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcjljapncagfmfhdkccgnbkgdpbcefcj [2022-07-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-18]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-17]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-07-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-08-17]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2022-08-18]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera: 
=======
OPR Profile: C:\Users\German\AppData\Roaming\Opera Software\Opera Stable [2022-08-10]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AltruisticsService; C:\ProgramData\Altruistic\Altruistic.exe [18029528 2022-08-09] (Altruistic Software -> Altruistic Software) [Archivo no firmado] [El archivo está en uso]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8507448 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [589568 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [589056 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-31] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-07-27] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-02-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8680192 2022-08-09] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-08-09] (McAfee, LLC -> McAfee, LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2021-06-28] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6255896 2022-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ZeroTierOneService; C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe [1788400 2019-09-04] (ZeroTier, Inc. -> )
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_47917a79b8c7fd22\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_47917a79b8c7fd22\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1459384 2021-04-04] (Tencent Technology(Shenzhen) Company Limited -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [387752 2021-04-04] (Tencent Technology(Shenzhen) Company Limited -> ANTICHEATEXPERT.COM)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [41832 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235576 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [389120 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258048 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [104960 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [24528 2022-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [47976 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [275024 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553928 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [113968 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [89032 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [859872 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [670776 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221512 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324840 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
S3 gdrv; C:\Windows\gdrv.sys [26192 2018-06-14] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2719256 2020-02-29] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 zttap300; C:\WINDOWS\System32\drivers\zttap300.sys [30488 2018-03-16] (ZeroTier Networks LLC -> ZeroTier Networks LLC)
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-08-22 21:51 - 2022-08-22 21:52 - 000029729 _____ C:\Users\German\Desktop\FRST.txt
2022-08-22 21:43 - 2022-08-22 21:43 - 000000000 ____D C:\Users\German\Desktop\FRST-OlderVersion
2022-08-12 21:35 - 2022-08-12 21:35 - 000000000 ____D C:\Users\German\AppData\LocalLow\Hyperstrange
2022-08-12 19:28 - 2022-08-12 19:28 - 000000000 ____D C:\WINDOWS\LastGood
2022-08-12 19:27 - 2022-07-22 01:25 - 000043184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-08-12 19:22 - 2022-07-28 04:28 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-08-12 19:22 - 2022-07-28 04:28 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-08-12 19:22 - 2022-07-28 04:28 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-08-12 19:22 - 2022-07-28 04:28 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-08-12 19:22 - 2022-07-28 04:27 - 001471992 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-08-12 19:22 - 2022-07-28 04:27 - 001432320 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-08-12 19:22 - 2022-07-28 04:27 - 001432320 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-08-12 19:22 - 2022-07-28 04:27 - 001213432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-08-12 19:22 - 2022-07-28 04:27 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-08-12 19:22 - 2022-07-28 04:27 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-08-12 19:22 - 2022-07-28 04:24 - 000865776 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-08-12 19:22 - 2022-07-28 04:24 - 000771576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-08-12 19:22 - 2022-07-28 04:24 - 000687608 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-08-12 19:22 - 2022-07-28 04:23 - 002127872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-08-12 19:22 - 2022-07-28 04:23 - 001607680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-08-12 19:22 - 2022-07-28 04:23 - 001536504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-08-12 19:22 - 2022-07-28 04:23 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-08-12 19:22 - 2022-07-28 04:23 - 000714752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-08-12 19:22 - 2022-07-28 04:22 - 010269688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-08-12 19:22 - 2022-07-28 04:22 - 008803832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-08-12 19:22 - 2022-07-28 04:22 - 005362672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-08-12 19:22 - 2022-07-28 04:22 - 003066872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-08-12 19:22 - 2022-07-28 04:22 - 001059328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-08-12 19:22 - 2022-07-28 04:22 - 000845296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-08-12 19:22 - 2022-07-28 04:22 - 000456176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-08-12 19:22 - 2022-07-28 04:21 - 005735920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-08-12 19:22 - 2022-07-28 04:21 - 000852976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-08-12 19:22 - 2022-07-28 04:20 - 006367440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-08-12 19:22 - 2022-07-22 01:25 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb
2022-08-12 19:06 - 2022-08-22 21:51 - 000000000 ____D C:\FRST
2022-08-11 20:41 - 2022-08-22 21:43 - 002371072 _____ (Farbar) C:\Users\German\Desktop\FRST64.exe
2022-08-11 17:32 - 2022-08-11 17:32 - 000357136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_6f450ec0a_klark.sys
2022-08-11 17:31 - 2022-08-11 17:31 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\6f450ec0.sys
2022-08-11 17:31 - 2022-08-11 17:31 - 000270752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_6f450ec0a_mark.sys
2022-08-11 17:31 - 2022-08-11 17:31 - 000000000 ____D C:\KVRT2020_Data
2022-08-11 17:30 - 2022-08-22 12:20 - 000003020 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-08-11 17:30 - 2022-08-22 12:20 - 000002640 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-08-10 21:00 - 2022-08-11 13:49 - 000001379 _____ C:\Users\German\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-08-10 21:00 - 2022-08-11 13:49 - 000001273 _____ C:\Users\German\Desktop\ESET Online Scanner.lnk
2022-08-10 21:00 - 2022-08-10 21:00 - 000000000 ____D C:\Users\German\AppData\Local\ESET
2022-08-10 20:58 - 2022-08-10 21:03 - 119695440 _____ (AO Kaspersky Lab) C:\Users\German\Desktop\KVRT.exe
2022-08-10 20:57 - 2022-08-10 20:58 - 015274968 _____ (ESET) C:\Users\German\Downloads\esetonlinescanner.exe
2022-08-10 20:28 - 2022-08-10 20:28 - 000001815 _____ C:\Users\German\Downloads\1.txt
2022-08-10 20:28 - 2022-08-10 20:28 - 000001815 _____ C:\Users\German\Downloads\1 (1).txt
2022-08-10 20:10 - 2022-08-10 20:11 - 000000000 ____D C:\AdwCleaner
2022-08-10 20:09 - 2022-08-10 20:10 - 008551608 _____ (Malwarebytes) C:\Users\German\Downloads\adwcleaner.exe
2022-08-10 19:14 - 2022-08-10 19:14 - 000458916 _____ C:\Users\German\Desktop\cc_20220810_191401.reg
2022-08-10 18:44 - 2022-08-10 18:44 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-10 18:44 - 2022-08-10 18:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-10 18:43 - 2022-08-10 18:43 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-10 18:43 - 2022-08-10 18:43 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-10 18:43 - 2022-08-10 18:43 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-10 18:43 - 2022-08-10 18:43 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-10 18:43 - 2022-08-10 18:43 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-10 18:43 - 2022-08-10 18:43 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-10 18:38 - 2022-08-10 18:38 - 000000000 ___HD C:\$WinREAgent
2022-08-10 18:26 - 2022-08-22 21:36 - 000000000 ____D C:\Program Files\CCleaner
2022-08-10 18:26 - 2022-08-22 12:20 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-08-10 18:26 - 2022-08-22 12:20 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - German
2022-08-10 18:26 - 2022-08-10 18:26 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-08-10 18:26 - 2022-08-10 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-08-10 18:24 - 2022-08-10 18:25 - 049909560 _____ (Piriform Software Ltd) C:\Users\German\Downloads\ccsetup602.exe
2022-08-09 14:04 - 2022-08-09 14:04 - 007521232 _____ (VS Revo Group ) C:\Users\German\Downloads\revosetup.exe
2022-08-09 14:04 - 2022-08-09 14:04 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2022-08-09 14:04 - 2022-08-09 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-08-09 14:04 - 2022-08-09 14:04 - 000000000 ____D C:\Program Files\VS Revo Group
2022-08-09 13:57 - 2022-08-09 13:57 - 002556344 _____ (Malwarebytes) C:\Users\German\Downloads\MBSetup.exe
2022-08-09 13:49 - 2022-08-09 13:49 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2022-08-09 13:48 - 2022-08-09 13:52 - 000000000 ____D C:\Program Files\RAVAntivirus
2022-08-09 13:48 - 2022-08-09 13:51 - 000000000 ____D C:\Program Files (x86)\rsStubActivator-1.1.1
2022-08-09 13:46 - 2022-08-22 21:36 - 000000000 ____D C:\ProgramData\Altruistic
2022-08-09 13:46 - 2022-08-22 12:20 - 000003614 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1660063611
2022-08-09 13:46 - 2022-08-17 18:12 - 000000000 ____D C:\Users\German\AppData\Roaming\Altruistic
2022-08-09 13:46 - 2022-08-09 13:46 - 000001092 _____ C:\Users\German\Downloads\universal adobe patcher.exe.lnk
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Users\German\AppData\Roaming\Opera Software
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Users\German\AppData\Local\TaskbarSystem
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Users\German\AppData\Local\Opera Software
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Program Files\McAfee
2022-08-09 13:45 - 2022-08-09 13:46 - 000000000 ____D C:\ProgramData\McAfee
2022-08-07 17:23 - 2022-08-07 17:23 - 000000000 ____D C:\Users\German\Desktop\Divine frequency
2022-08-05 21:18 - 2022-08-05 21:18 - 000270592 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-08-05 21:18 - 2022-08-05 21:18 - 000221512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-07-28 14:08 - 2022-07-28 14:08 - 000000000 ____D C:\Users\German\AppData\Local\HLL
2022-07-28 14:08 - 2022-07-28 14:08 - 000000000 ____D C:\Users\German\AppData\Local\AWSToolkit

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-08-22 21:50 - 2020-07-05 15:53 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-08-22 21:36 - 2020-01-11 23:48 - 000000000 ____D C:\Users\German\AppData\Roaming\Spotify
2022-08-22 21:36 - 2020-01-11 23:48 - 000000000 ____D C:\Users\German\AppData\Local\Spotify
2022-08-22 21:36 - 2018-06-14 09:07 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-22 12:20 - 2022-05-19 17:48 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-08-22 12:20 - 2022-01-19 12:42 - 000003636 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-22 12:20 - 2022-01-19 12:42 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-22 12:20 - 2020-10-03 16:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-08-22 12:15 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-21 11:48 - 2020-06-07 19:59 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-21 11:48 - 2020-06-07 19:59 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-21 11:48 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-21 11:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-21 00:32 - 2018-06-19 21:38 - 000000000 ____D C:\Users\German\AppData\Roaming\discord
2022-08-20 23:43 - 2018-06-19 21:38 - 000000000 ____D C:\Users\German\AppData\Local\Discord
2022-08-20 12:07 - 2020-10-03 16:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-14 17:10 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-14 17:10 - 2018-06-15 14:35 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-12 19:33 - 2018-09-08 16:09 - 000000000 ____D C:\Users\German\AppData\Local\CrashDumps
2022-08-12 19:29 - 2018-06-15 14:51 - 000000000 ____D C:\Users\German\AppData\Local\NVIDIA
2022-08-12 19:12 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-08-11 19:30 - 2018-07-10 18:08 - 000000000 ____D C:\Users\German\AppData\Local\D3DSCache
2022-08-11 19:28 - 2018-06-19 21:38 - 000002232 _____ C:\Users\German\Desktop\Discord.lnk
2022-08-11 17:04 - 2021-07-22 18:39 - 000000000 ____D C:\Program Files (x86)\Origin
2022-08-10 21:29 - 2018-07-31 13:03 - 000000000 ____D C:\Users\German\AppData\Roaming\uTorrent
2022-08-10 19:33 - 2018-06-14 09:20 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-10 19:23 - 2020-10-03 16:40 - 001774682 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-10 19:23 - 2019-12-07 11:55 - 000788386 _____ C:\WINDOWS\system32\perfh00A.dat
2022-08-10 19:23 - 2019-12-07 11:55 - 000155774 _____ C:\WINDOWS\system32\perfc00A.dat
2022-08-10 19:18 - 2020-12-30 17:35 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-08-10 19:18 - 2020-10-03 16:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-10 19:18 - 2020-10-03 16:31 - 005118888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-10 19:18 - 2020-10-03 16:31 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-10 19:18 - 2018-06-14 09:42 - 000000000 ____D C:\ProgramData\AVAST Software
2022-08-10 19:17 - 2019-12-07 11:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-08-10 19:17 - 2019-12-07 11:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-10 19:17 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-10 19:17 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-08-10 19:11 - 2020-09-24 00:18 - 000000000 ___DC C:\WINDOWS\Panther
2022-08-10 19:11 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-08-10 18:45 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-10 18:43 - 2020-10-03 16:35 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-10 18:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-10 18:37 - 2018-06-15 15:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-10 18:35 - 2018-06-15 15:04 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-09 19:29 - 2018-06-14 09:20 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-09 14:04 - 2020-05-06 11:25 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-08-09 14:04 - 2020-05-06 11:25 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-08-09 14:04 - 2020-05-06 11:25 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-08-09 14:02 - 2020-12-30 17:35 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-08-09 13:58 - 2020-05-06 11:25 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-08-09 13:58 - 2020-05-06 11:24 - 000000000 ____D C:\Program Files\Malwarebytes
2022-08-05 21:18 - 2022-06-27 11:48 - 000024528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-08-05 21:18 - 2021-12-22 18:49 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-08-05 21:18 - 2020-10-21 12:40 - 000275024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-08-05 21:18 - 2020-04-19 20:57 - 000553928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-08-05 21:18 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-08-05 21:18 - 2019-01-14 21:58 - 000389120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-08-05 21:18 - 2019-01-08 14:05 - 000258048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-08-05 21:18 - 2019-01-08 14:05 - 000104960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-08-05 21:18 - 2019-01-08 14:05 - 000041832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-08-05 21:18 - 2018-11-01 14:20 - 000047976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000859872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000670776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000324840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000235576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000113968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-08-05 21:18 - 2018-06-14 09:49 - 000089032 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-08-02 17:24 - 2021-01-27 22:44 - 000000000 ____D C:\Users\German\AppData\Roaming\EasyAntiCheat
2022-07-28 04:20 - 2020-09-29 14:27 - 007483424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-07-27 11:49 - 2018-06-15 14:41 - 000000000 ____D C:\Users\German\AppData\Local\Adobe

==================== Archivos en la raíz de algunos directorios ========

2018-06-21 21:28 - 2022-02-05 22:01 - 000000132 _____ () C:\Users\German\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2020-10-10 14:34 - 2021-06-10 19:00 - 000001456 _____ () C:\Users\German\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2020-07-05 17:03 - 2020-07-05 17:03 - 000000000 _____ () C:\Users\German\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

I don't know if anything else is missing. I've pasted everything that appears in the .txt

Something curious I noticed is that it shows I have Opera and Firefox. Those installed themselves and I ended up deleting them. I find it odd that it shows them, or could it be that it analyses all search engines in general?

1 like
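A triage sketch for the FRST log in the post above, added here and not part of the thread or of FRST itself: it parses the "Un mes (creado)" lines and lists everything created within a few minutes of the first Altruistic folder, which is where the Opera and McAfee folders show up. The sample lines are copied from that log; the function names and the 3-minute window are assumptions of this example.

```python
import re
from datetime import datetime, timedelta
from typing import NamedTuple

# Lines copied from the "Un mes (creado)" section of the log above.
SAMPLE = r"""
==================== Un mes (creado) (Lista blanca) =========
2022-08-09 14:04 - 2022-08-09 14:04 - 007521232 _____ (VS Revo Group ) C:\Users\German\Downloads\revosetup.exe
2022-08-09 13:57 - 2022-08-09 13:57 - 002556344 _____ (Malwarebytes) C:\Users\German\Downloads\MBSetup.exe
2022-08-09 13:49 - 2022-08-09 13:49 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2022-08-09 13:48 - 2022-08-09 13:52 - 000000000 ____D C:\Program Files\RAVAntivirus
2022-08-09 13:48 - 2022-08-09 13:51 - 000000000 ____D C:\Program Files (x86)\rsStubActivator-1.1.1
2022-08-09 13:46 - 2022-08-22 21:36 - 000000000 ____D C:\ProgramData\Altruistic
2022-08-09 13:46 - 2022-08-22 12:20 - 000003614 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1660063611
2022-08-09 13:46 - 2022-08-17 18:12 - 000000000 ____D C:\Users\German\AppData\Roaming\Altruistic
2022-08-09 13:46 - 2022-08-09 13:46 - 000001092 _____ C:\Users\German\Downloads\universal adobe patcher.exe.lnk
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Users\German\AppData\Roaming\Opera Software
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Users\German\AppData\Local\TaskbarSystem
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Users\German\AppData\Local\Opera Software
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Program Files\McAfee
2022-08-09 13:45 - 2022-08-09 13:46 - 000000000 ____D C:\ProgramData\McAfee
2022-08-07 17:23 - 2022-08-07 17:23 - 000000000 ____D C:\Users\German\Desktop\Divine frequency
"""

# created - modified - size attrs [(company)] path
LINE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(\d+) ([_A-Z]{5}) (?:\(([^)]*)\) )?([A-Za-z]:\\.+)$"
)
STAMP = "%Y-%m-%d %H:%M"


class Entry(NamedTuple):
    created: datetime
    modified: datetime
    size: int
    attrs: str      # e.g. "____D" for a directory, "___HD" hidden directory
    company: str    # empty when FRST printed no company field
    path: str


def parse_created(text):
    """Parse FRST created/modified listing lines; headers and blanks are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        created, modified, size, attrs, company, path = m.groups()
        entries.append(Entry(
            datetime.strptime(created, STAMP),
            datetime.strptime(modified, STAMP),
            int(size),
            attrs,
            (company or "").strip(),
            path,
        ))
    return entries


def created_near(entries, indicator, window_minutes=3):
    """Return entries created within the window around the earliest path that
    contains `indicator` (case-insensitive), excluding the indicator's own paths."""
    hits = [e for e in entries if indicator.lower() in e.path.lower()]
    if not hits:
        return []
    anchor = min(e.created for e in hits)
    window = timedelta(minutes=window_minutes)
    near = [e for e in entries
            if e not in hits and abs(e.created - anchor) <= window]
    return sorted(near, key=lambda e: (e.created, e.path.lower()))


if __name__ == "__main__":
    for e in created_near(parse_created(SAMPLE), "Altruistic"):
        kind = "dir " if "D" in e.attrs else "file"
        print(e.created.strftime(STAMP), kind, e.path)
```

Creation-time proximity is a lead for what to inspect next, not proof that an item belongs to the same installer; each result still needs checking on its own.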

Hello @Defcon,

:zero: QUESTIONS

Do you recognise having installed these programs on your system? Tell me line by line (program by program):

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
MSVCRT Redists (HKLM\...\{3BFC9CAE-091D-11E4-886A-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
ZeroTier One (HKLM-x32\...\{80CEE5C9-4DF0-43F5-B232-484D6455978E}) (Version: 1.4.6 - ZeroTier, Inc.) Hidden
ZeroTier One (HKLM-x32\...\ZeroTier One 1.4.6) (Version: 1.4.6 - ZeroTier, Inc.)
ZeroTier One Virtual Network Port (HKLM\...\{4AFE4740-C680-40FE-B6B0-0C15EB0176F1}) (Version: 1.0.0 - ZeroTier) Hidden

:one: UNINSTALLATION

For the programs I point out: remove them. Do it like this:

Uninstall them with Revo Uninstaller in its Advanced Mode. To do so, follow the part of its manual on uninstalling programs.

Remove the following programs:

KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.748 - McAfee, LLC)

If you can't find them with Revo, carry on with the following steps.

You will also remove the following programs with their specific uninstall tools. These are:

McAfee

To do so, use the following guide: Uninstall tools for Antivirus, AntiSpyware and Firewall, more specifically the following section: Uninstall tools for Antivirus, AntiSpyware and Firewall (Steps to follow for a correct uninstallation and/or cleanup of traces).

Download the specific tool, which is: https://us.mcafee.com/apps/supporttools/mcpr/mcpr.asp (MCPR download - from McAfee).

:two: Now you must make a BACKUP OF THE REGISTRY. To do so:

  • Restart the computer in Normal Mode.

  • Download DelFix to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select Run as Administrator.)

  • Tick only the Create registry backup box, and make sure the rest are not selected.

  • Click Run.

The report (DelFix.txt) will open; you can close it. But keep it in case I ask for it or it is needed in the future.

Next, CLOSE ALL PROGRAMS, go to Start >> Run and type Notepad.exe

  • Now you must copy and paste the code/lines inside the box further below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Folder: C:\Program Files\McAfee
Folder: C:\ProgramData\Altruistic
Folder: C:\Users\German\AppData\Roaming\Altruistic
Folder: C:\ProgramData\ZeroTier
Folder: C:\Program Files\RAVAntivirus
Folder: C:\Program Files (x86)\rsStubActivator-1.1.1
Folder: C:\Users\German\AppData\Local\HLL
Folder: C:\Users\German\AppData\Roaming\uTorrent
File: C:\ProgramData\Altruistic\Altruistic.exe;C:\WINDOWS\SysWOW64\PnkBstrA.exe;C:\WINDOWS\xhunter1.sys;C:\WINDOWS\System32\drivers\zttap300.sys
VirusTotal: C:\ProgramData\Altruistic\Altruistic.exe;C:\WINDOWS\SysWOW64\PnkBstrA.exe;C:\WINDOWS\xhunter1.sys;C:\WINDOWS\System32\drivers\zttap300.sys

(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(services.exe ->) (Altruistic Software -> Altruistic Software) [Archivo no firmado] [El archivo está en uso] C:\ProgramData\Altruistic\Altruistic.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
HKLM-x32\...\Run: [Genshin Impact Beta_Launcher] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\MountPoints2: {98647291-5750-11eb-8c34-e0d55e456318} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\MountPoints2: {ab07a6cb-910b-11ec-8c61-e0d55e456318} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\...\MountPoints2: {ab07a727-910b-11ec-8c61-e0d55e456318} - "F:\OnePlus_setup.exe" /s
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {16B90B7E-5E26-4931-AC53-4349A8B5EDC6} - System32\Tasks\Opera scheduled Autoupdate 1660063611 => C:\Users\German\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Ningún archivo)
AutoConfigURL: [{1A6B70D3-BF32-4E36-A637-7E2F9717EA9D}] => hxxp://127.0.0.1:86/ <==== ATENCIÓN
AutoConfigURL: [{F0CCE269-1B3D-421C-9114-DB70367A9782}] => hxxp://127.0.0.1:86/ <==== ATENCIÓN
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
R2 AltruisticsService; C:\ProgramData\Altruistic\Altruistic.exe [18029528 2022-08-09] (Altruistic Software -> Altruistic Software) [Archivo no firmado] [El archivo está en uso]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-08-09] (McAfee, LLC -> McAfee, LLC)
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]
2022-08-10 18:38 - 2022-08-10 18:38 - 000000000 ___HD C:\$WinREAgent
2022-08-09 13:46 - 2022-08-22 21:36 - 000000000 ____D C:\ProgramData\Altruistic
2022-08-09 13:46 - 2022-08-17 18:12 - 000000000 ____D C:\Users\German\AppData\Roaming\Altruistic
2022-08-09 13:46 - 2022-08-09 13:46 - 000001092 _____ C:\Users\German\Downloads\universal adobe patcher.exe.lnk
2022-08-09 13:46 - 2022-08-09 13:46 - 000000000 ____D C:\Program Files\McAfee
2022-08-09 13:45 - 2022-08-09 13:46 - 000000000 ____D C:\ProgramData\McAfee
2022-07-28 14:08 - 2022-07-28 14:08 - 000000000 ____D C:\Users\German\AppData\Local\HLL
2022-08-10 21:29 - 2018-07-31 13:03 - 000000000 ____D C:\Users\German\AppData\Roaming\uTorrent
2022-08-10 19:18 - 2020-10-03 16:31 - 000008192 ___SH C:\DumpStack.log.tmp
AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\Users\German:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log:F107EE40EF [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log_backup1:2DD1EC5C91 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log:CCC93B07B0 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log_backup1:AD433BF298 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log_backup1:97A90964FA [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log:C40F6B9209 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log_backup1:7CC29836A6 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log:AE3C879266 [2498]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log:DE1448F4D7 [2498]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [2498]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk:21661D084B [2498]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [2498]
FirewallRules: [{83D40EE7-49F3-4408-9C50-A123A51D0E5A}] => (Allow) LPort=9993
FirewallRules: [{C604D978-E781-4F18-9754-3F95F4B5900B}] => (Allow) LPort=9993
FirewallRules: [TCP Query User{55C5C92A-0F34-40D6-A987-D8FDF3935998}C:\users\german\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\german\appdata\roaming\utorrent\utorrent.exe => Ningún archivo
FirewallRules: [UDP Query User{AB023C28-6D88-4012-9465-4B1FF6A0FE8E}C:\users\german\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\german\appdata\roaming\utorrent\utorrent.exe => Ningún archivo
FirewallRules: [TCP Query User{4B61C96B-CFC5-4404-BAD2-8FDC4871ADE8}C:\users\german\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\german\appdata\roaming\utorrent\utorrent.exe => Ningún archivo
FirewallRules: [UDP Query User{5E638672-88B7-43B9-850D-7363032D5B7C}C:\users\german\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\german\appdata\roaming\utorrent\utorrent.exe => Ningún archivo
FirewallRules: [UDP Query User{E830B09A-B81B-4E64-A404-0DFEDCC00338}D:\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{102B2BFA-4752-435D-B7C6-9178986D9639}D:\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{4FBB05A4-7554-4BB0-BD5D-5EBF7EFE44B8}D:\among us\among us 2020.9.1\among us.exe] => (Allow) D:\among us\among us 2020.9.1\among us.exe => Ningún archivo
FirewallRules: [TCP Query User{A1609C15-EA89-4ECE-9D0C-26568E2FCC48}D:\among us\among us 2020.9.1\among us.exe] => (Allow) D:\among us\among us 2020.9.1\among us.exe => Ningún archivo
FirewallRules: [UDP Query User{5EDD7AB9-49B6-4782-8D75-F21D6218B50D}D:\remnant\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\remnant\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{70BB7A01-F9B9-426C-8B81-14F2B9FCB85C}D:\remnant\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\remnant\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{59BED441-06AF-48E3-AA7E-250F151239A7}D:\steam\steamapps\common\goat of duty\goatofduty\binaries\win64\goatofduty-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\goat of duty\goatofduty\binaries\win64\goatofduty-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{202066BA-E7A2-4F7D-AFB5-79CE0A9B5E4F}D:\steam\steamapps\common\goat of duty\goatofduty\binaries\win64\goatofduty-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\goat of duty\goatofduty\binaries\win64\goatofduty-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{ABB3DD9B-F1C7-4A58-AD50-F93A30658628}D:\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\cod warzone\call of duty modern warfare\modernwarfare.exe => Ningún archivo
FirewallRules: [TCP Query User{4A2AA3AB-360C-4F99-A806-E49F3E50B768}D:\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\cod warzone\call of duty modern warfare\modernwarfare.exe => Ningún archivo
FirewallRules: [UDP Query User{B19D5D7C-CD08-40AB-B6EF-D61909BDF810}D:\steam\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{33B325E4-6A4A-47AD-BD55-84D1B6A88DE9}D:\steam\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe => Ningún archivo
FirewallRules: [{49E041FC-1ED5-48FB-B15A-B24E10EE2B47}] => (Allow) D:\Steam\steamapps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe => Ningún archivo
FirewallRules: [{844E4F22-8776-459D-9AB3-F01D6DE8668D}] => (Allow) D:\Steam\steamapps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe => Ningún archivo
FirewallRules: [UDP Query User{FD945848-7D23-472D-BB33-6D4ED3F08B01}D:\steam\steamapps\common\chernobylite\chernobylgame\binaries\win64\chernobylgame-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\chernobylite\chernobylgame\binaries\win64\chernobylgame-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{10F964FF-473A-4725-8464-7CB784B8FEBC}D:\steam\steamapps\common\chernobylite\chernobylgame\binaries\win64\chernobylgame-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\chernobylite\chernobylgame\binaries\win64\chernobylgame-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{1BE80B67-C5E7-4003-B663-17BF8D321840}D:\baba yaga\yaga\yaga.exe] => (Allow) D:\baba yaga\yaga\yaga.exe => Ningún archivo
FirewallRules: [TCP Query User{19B03550-3C12-41B7-9EA2-F0CD02F1DBD4}D:\baba yaga\yaga\yaga.exe] => (Allow) D:\baba yaga\yaga\yaga.exe => Ningún archivo
FirewallRules: [UDP Query User{658B537B-8A95-4907-A288-2BF945E677FF}D:\diablo 2\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe] => (Allow) D:\diablo 2\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe => Ningún archivo
FirewallRules: [TCP Query User{436395BB-3E57-48B3-82E0-7D58B302C9FE}D:\diablo 2\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe] => (Allow) D:\diablo 2\diablo.ii.lod.v1.14d.lan-pcmymjuegos\pcmymjuegos\game.exe => Ningún archivo
FirewallRules: [{8E050916-BD6D-489B-8E4C-42D850E59F8E}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => Ningún archivo
FirewallRules: [{640BC32E-FAA8-44ED-B550-C5AD5A1FF2DD}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => Ningún archivo
FirewallRules: [TCP Query User{00ADB795-03A5-4C59-BD0C-719C187F5F40}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{2634B772-88DE-40E7-8963-1A183B5ED433}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => Ningún archivo
FirewallRules: [{F79AB733-CEBD-4B5A-A900-2F8604495272}] => (Allow) D:\Escape from Tarkov\BsgLauncher\BsgLauncher.exe => Ningún archivo
FirewallRules: [{5DB16D29-939F-41A5-AB63-D4F0EE7BFD28}] => (Allow) D:\Escape from Tarkov\BsgLauncher\BsgLauncher.exe => Ningún archivo
FirewallRules: [TCP Query User{EDD40E63-EB57-404F-9036-77C9ACDCE0A1}D:\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) D:\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe => Ningún archivo
FirewallRules: [UDP Query User{AF26E0C5-49A6-44C9-842E-9CC6EFB6CB1C}D:\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) D:\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe => Ningún archivo
FirewallRules: [TCP Query User{543C160B-7063-4006-B048-0C7E669D2213}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Ningún archivo
FirewallRules: [UDP Query User{35701FDD-A4A0-4145-817E-EBB4F850F562}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Ningún archivo
FirewallRules: [TCP Query User{9CC1DB5A-D19E-4053-8912-0DF4B5F54F63}D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe => Ningún archivo
FirewallRules: [UDP Query User{DB3FC385-BAA6-4E02-8980-D485632213CA}D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe => Ningún archivo
FirewallRules: [TCP Query User{2542E070-8492-4C3D-A136-53F5092236B8}D:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2_x64.exe => Ningún archivo
FirewallRules: [UDP Query User{7F1EA174-A9F3-41BE-B6D1-CD79FC3452A6}D:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2_x64.exe => Ningún archivo
FirewallRules: [TCP Query User{68D3AD29-88B3-4E7E-8C4B-1C96F9A88F2C}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [UDP Query User{9437B0AD-8EB9-445C-A08D-E19D396196F2}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [TCP Query User{5044C501-23C5-433B-900F-EECCAFAE9157}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe => Ningún archivo
FirewallRules: [UDP Query User{023DAD90-5CB8-4AC1-95B1-3E53269A980A}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe => Ningún archivo
FirewallRules: [TCP Query User{0DC68BFB-851B-4577-BC7B-73660457DF08}D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{C21E6849-2071-4639-B46B-8862A990C396}D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{57774A71-AE9B-4024-9B4F-592C5B324B1A}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{102DCDBE-2A19-4099-AFC0-50CD031EB555}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{FE32E484-2ACF-42EB-8C99-AE8392888275}D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe => Ningún archivo
FirewallRules: [UDP Query User{06C2347E-E6E3-493B-AE4C-FA8C0B00F790}D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe => Ningún archivo
FirewallRules: [TCP Query User{4EBA6AD8-3FF9-4AFB-9BB3-632690F687C0}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Ningún archivo
FirewallRules: [UDP Query User{6C0EF96F-EDC9-4A57-B88B-C62CB99A1A39}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Ningún archivo
FirewallRules: [TCP Query User{DC7B0C7D-2941-4146-963B-58C60AFC12F1}D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{391BA239-945C-44FC-908D-63F5906272D4}D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{515F67CD-A391-4ED8-A0E7-EF17404683AD}D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe] => (Allow) D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe => Ningún archivo
FirewallRules: [UDP Query User{2D0EC506-ADBB-4F01-94D1-F92A515BC56A}D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe] => (Allow) D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe => Ningún archivo
FirewallRules: [TCP Query User{5FE7BAFE-0498-4019-A952-752E16F6B8D2}D:\the shore\the shore\theisland\binaries\win64\theisland.exe] => (Allow) D:\the shore\the shore\theisland\binaries\win64\theisland.exe => Ningún archivo
FirewallRules: [UDP Query User{DD5B8479-2F85-4D8D-A612-44071965D938}D:\the shore\the shore\theisland\binaries\win64\theisland.exe] => (Allow) D:\the shore\the shore\theisland\binaries\win64\theisland.exe => Ningún archivo
FirewallRules: [TCP Query User{2B7AFCB0-F0C2-499A-B4CF-92AF0A7E0583}D:\enlisted\enlisted\launcher.exe] => (Allow) D:\enlisted\enlisted\launcher.exe => Ningún archivo
FirewallRules: [UDP Query User{0E26494E-2A21-431C-AFDA-2C511834AE4C}D:\enlisted\enlisted\launcher.exe] => (Allow) D:\enlisted\enlisted\launcher.exe => Ningún archivo
FirewallRules: [TCP Query User{9B07076B-FA4A-4F1C-8CA5-B791707CD487}D:\enlisted\enlisted\win64\enlisted.exe] => (Allow) D:\enlisted\enlisted\win64\enlisted.exe => Ningún archivo
FirewallRules: [UDP Query User{BCF1B678-0072-47AE-BCDE-96FD81791745}D:\enlisted\enlisted\win64\enlisted.exe] => (Allow) D:\enlisted\enlisted\win64\enlisted.exe => Ningún archivo
FirewallRules: [TCP Query User{7CD5FF9D-FCD6-426D-A632-EC854C664694}D:\remnant\overcooked2\overcooked2.exe] => (Allow) D:\remnant\overcooked2\overcooked2.exe => Ningún archivo
FirewallRules: [UDP Query User{5EF0DE2F-1E04-4040-9A05-99BAF7262BFE}D:\remnant\overcooked2\overcooked2.exe] => (Allow) D:\remnant\overcooked2\overcooked2.exe => Ningún archivo
FirewallRules: [TCP Query User{8CCA4B11-A19A-461C-A678-950B18ED0248}D:\steam\steamapps\common\battlefield 4\bf4.exe] => (Allow) D:\steam\steamapps\common\battlefield 4\bf4.exe => Ningún archivo
FirewallRules: [UDP Query User{51878D86-AB04-4899-84D0-3B00E69FFC8A}D:\steam\steamapps\common\battlefield 4\bf4.exe] => (Allow) D:\steam\steamapps\common\battlefield 4\bf4.exe => Ningún archivo
FirewallRules: [TCP Query User{601509DA-A21A-43EA-B09B-5D67F76871E5}D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{8744001A-F20A-429D-9023-DEF855F0E69D}D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{F12DD89E-AC07-4428-BEF4-6A211F897859}D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe] => (Allow) D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe => Ningún archivo
FirewallRules: [UDP Query User{DB51B871-FD06-46A9-89C4-2BE020E111F4}D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe] => (Allow) D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe => Ningún archivo
FirewallRules: [TCP Query User{F510D060-C5D2-4029-8BD2-2E2CF933EA8D}D:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) D:\steam\steamapps\common\battlefield 2042\bf2042.exe => Ningún archivo
FirewallRules: [UDP Query User{E8058751-269B-40FA-80D0-4B7A12809756}D:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) D:\steam\steamapps\common\battlefield 2042\bf2042.exe => Ningún archivo
FirewallRules: [{52875699-6D78-49B9-8227-699C2C531DA9}] => (Allow) D:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Ningún archivo
FirewallRules: [{BADFF65C-A01E-4F87-859A-3FCC08ADE6D7}] => (Allow) D:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Ningún archivo
FirewallRules: [TCP Query User{813122F4-BA62-4251-BAE8-5B3E0152D214}D:\juegos epic\secondextinction\secondextinctioneos.exe] => (Allow) D:\juegos epic\secondextinction\secondextinctioneos.exe => Ningún archivo
FirewallRules: [UDP Query User{B9182AB4-8F73-4091-8036-46BDB2DD6F94}D:\juegos epic\secondextinction\secondextinctioneos.exe] => (Allow) D:\juegos epic\secondextinction\secondextinctioneos.exe => Ningún archivo
FirewallRules: [{B129B496-BC8E-400E-B1AC-28FB6E853935}] => (Allow) D:\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe => Ningún archivo
FirewallRules: [{06C52D54-9520-4CB4-9E4A-D58544A1D57B}] => (Allow) D:\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe => Ningún archivo
FirewallRules: [{A287B231-2302-4978-A0FD-956DB03B9098}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Ningún archivo
FirewallRules: [{90FD0909-6AA2-4E63-9AC0-B4C218E3F113}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Ningún archivo
FirewallRules: [TCP Query User{0953E823-FE0A-428C-935D-E42A2296CB02}D:\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\valorant\riot games\riot client\riotclientservices.exe => Ningún archivo
FirewallRules: [UDP Query User{0CCF996B-1E82-469F-B6EC-48A31031DA1E}D:\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\valorant\riot games\riot client\riotclientservices.exe => Ningún archivo
FirewallRules: [{14007E37-DF4A-4B38-AB5B-687195FED331}] => (Allow) C:\Users\German\AppData\Local\Programs\Opera\79.0.4143.22\opera.exe => Ningún archivo
C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
C:\Program Files\McAfee
C:\ProgramData\Altruistic\Altruistic.exe
C:\ProgramData\Altruistic
C:\Users\German\AppData\Roaming\Altruistic

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Save it with the name FIXLIST.TXT on your desktop (VERY IMPORTANT), since otherwise the SCRIPT will not work; both files (FRST.exe and FIXLIST.TXT) must be located on the DESKTOP.

:warning: The repair script above is customized for the specific machine it was made for and was written specifically by a Staff member. If you have a similar problem, please open your own topic to receive personalized, specific help. Using scripts from other systems can cause serious damage to your computer.

Finally (NOTE: in NORMAL MODE):

  1. Run FRST.exe again (if you use Windows Vista/7/8 or 10, right-click it and select Run as Administrator).

  2. Click Fix/Corregir and wait for the process to finish. Do not do anything with the PC while it is carrying out these repairs, even if it seems to have frozen. Do not touch it; just wait.

  3. When it finishes, the file FIXLOG.TXT will be created on the DESKTOP; bring it in your next reply.

  4. Restart the computer in Normal Mode, check how it runs for a while, and report how the problem you originally raised is doing.

:warning: Very Important :warning: Post the report I asked for as shown in the following image:

Regards.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 15-08-2022
Ejecutado por German (25-08-2022 21:01:19) Run:1
Ejecutado desde C:\Users\German\Desktop
Perfiles cargados: German
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Folder: C:\Program Files\McAfee
Folder: C:\ProgramData\Altruistic
Folder: C:\Users\German\AppData\Roaming\Altruistic
Folder: C:\ProgramData\ZeroTier
Folder: C:\Program Files\RAVAntivirus
Folder: C:\Program Files (x86)\rsStubActivator-1.1.1
Folder: C:\Users\German\AppData\Local\HLL
Folder: C:\Users\German\AppData\Roaming\uTorrent
File: C:\ProgramData\Altruistic\Altruistic.exe;C:\WINDOWS\SysWOW64\PnkBstrA.exe;C:\WINDOWS\xhunter1.sys;C:\WINDOWS\System32\drivers\zttap300.sys
VirusTotal: C:\ProgramData\Altruistic\Altruistic.exe;C:\WINDOWS\SysWOW64\PnkBstrA.exe;C:\WINDOWS\xhunter1.sys;C:\WINDOWS\System32\drivers\zttap300.sys

(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(services.exe ->) (Altruistic Software -> Altruistic Software) [Archivo no firmado] [El archivo está en uso] C:\ProgramData\Altruistic\Altruistic.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
HKLM-x32\...\Run: [Genshin Impact Beta_Launcher] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restricción <==== ATENCIÓN
FirewallRules: [UDP Query User{AF26E0C5-49A6-44C9-842E-9CC6EFB6CB1C}D:\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) D:\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe => Ningún archivo
FirewallRules: [TCP Query User{543C160B-7063-4006-B048-0C7E669D2213}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Ningún archivo
FirewallRules: [UDP Query User{35701FDD-A4A0-4145-817E-EBB4F850F562}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Ningún archivo
FirewallRules: [TCP Query User{9CC1DB5A-D19E-4053-8912-0DF4B5F54F63}D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe => Ningún archivo
FirewallRules: [UDP Query User{DB3FC385-BAA6-4E02-8980-D485632213CA}D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe] => (Allow) D:\steam\steamapps\common\projectzomboid\jre64\bin\java.exe => Ningún archivo
FirewallRules: [TCP Query User{2542E070-8492-4C3D-A136-53F5092236B8}D:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2_x64.exe => Ningún archivo
FirewallRules: [UDP Query User{7F1EA174-A9F3-41BE-B6D1-CD79FC3452A6}D:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2_x64.exe => Ningún archivo
FirewallRules: [TCP Query User{68D3AD29-88B3-4E7E-8C4B-1C96F9A88F2C}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [UDP Query User{9437B0AD-8EB9-445C-A08D-E19D396196F2}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe => Ningún archivo
FirewallRules: [TCP Query User{5044C501-23C5-433B-900F-EECCAFAE9157}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe => Ningún archivo
FirewallRules: [UDP Query User{023DAD90-5CB8-4AC1-95B1-3E53269A980A}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe => Ningún archivo
FirewallRules: [TCP Query User{0DC68BFB-851B-4577-BC7B-73660457DF08}D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{C21E6849-2071-4639-B46B-8862A990C396}D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\desolate\desolate\binaries\win64\sh-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{57774A71-AE9B-4024-9B4F-592C5B324B1A}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => Ningún archivo
FirewallRules: [UDP Query User{102DCDBE-2A19-4099-AFC0-50CD031EB555}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => Ningún archivo
FirewallRules: [TCP Query User{FE32E484-2ACF-42EB-8C99-AE8392888275}D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe => Ningún archivo
FirewallRules: [UDP Query User{06C2347E-E6E3-493B-AE4C-FA8C0B00F790}D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\cod warzone\call of duty black ops cold war\blackopscoldwar.exe => Ningún archivo
FirewallRules: [TCP Query User{4EBA6AD8-3FF9-4AFB-9BB3-632690F687C0}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Ningún archivo
FirewallRules: [UDP Query User{6C0EF96F-EDC9-4A57-B88B-C62CB99A1A39}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Ningún archivo
FirewallRules: [TCP Query User{DC7B0C7D-2941-4146-963B-58C60AFC12F1}D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{391BA239-945C-44FC-908D-63F5906272D4}D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\ebola 2\thesin\binaries\win64\thesin-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{515F67CD-A391-4ED8-A0E7-EF17404683AD}D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe] => (Allow) D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe => Ningún archivo
FirewallRules: [UDP Query User{2D0EC506-ADBB-4F01-94D1-F92A515BC56A}D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe] => (Allow) D:\steam\steamapps\common\7 days to die - copia\7daystodie.exe => Ningún archivo
FirewallRules: [TCP Query User{5FE7BAFE-0498-4019-A952-752E16F6B8D2}D:\the shore\the shore\theisland\binaries\win64\theisland.exe] => (Allow) D:\the shore\the shore\theisland\binaries\win64\theisland.exe => Ningún archivo
FirewallRules: [UDP Query User{DD5B8479-2F85-4D8D-A612-44071965D938}D:\the shore\the shore\theisland\binaries\win64\theisland.exe] => (Allow) D:\the shore\the shore\theisland\binaries\win64\theisland.exe => Ningún archivo
FirewallRules: [TCP Query User{2B7AFCB0-F0C2-499A-B4CF-92AF0A7E0583}D:\enlisted\enlisted\launcher.exe] => (Allow) D:\enlisted\enlisted\launcher.exe => Ningún archivo
FirewallRules: [UDP Query User{0E26494E-2A21-431C-AFDA-2C511834AE4C}D:\enlisted\enlisted\launcher.exe] => (Allow) D:\enlisted\enlisted\launcher.exe => Ningún archivo
FirewallRules: [TCP Query User{9B07076B-FA4A-4F1C-8CA5-B791707CD487}D:\enlisted\enlisted\win64\enlisted.exe] => (Allow) D:\enlisted\enlisted\win64\enlisted.exe => Ningún archivo
FirewallRules: [UDP Query User{BCF1B678-0072-47AE-BCDE-96FD81791745}D:\enlisted\enlisted\win64\enlisted.exe] => (Allow) D:\enlisted\enlisted\win64\enlisted.exe => Ningún archivo
FirewallRules: [TCP Query User{7CD5FF9D-FCD6-426D-A632-EC854C664694}D:\remnant\overcooked2\overcooked2.exe] => (Allow) D:\remnant\overcooked2\overcooked2.exe => Ningún archivo
FirewallRules: [UDP Query User{5EF0DE2F-1E04-4040-9A05-99BAF7262BFE}D:\remnant\overcooked2\overcooked2.exe] => (Allow) D:\remnant\overcooked2\overcooked2.exe => Ningún archivo
FirewallRules: [TCP Query User{8CCA4B11-A19A-461C-A678-950B18ED0248}D:\steam\steamapps\common\battlefield 4\bf4.exe] => (Allow) D:\steam\steamapps\common\battlefield 4\bf4.exe => Ningún archivo
FirewallRules: [UDP Query User{51878D86-AB04-4899-84D0-3B00E69FFC8A}D:\steam\steamapps\common\battlefield 4\bf4.exe] => (Allow) D:\steam\steamapps\common\battlefield 4\bf4.exe => Ningún archivo
FirewallRules: [TCP Query User{601509DA-A21A-43EA-B09B-5D67F76871E5}D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe => Ningún archivo
FirewallRules: [UDP Query User{8744001A-F20A-429D-9023-DEF855F0E69D}D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\foxhole\war\binaries\win64\war-win64-shipping.exe => Ningún archivo
FirewallRules: [TCP Query User{F12DD89E-AC07-4428-BEF4-6A211F897859}D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe] => (Allow) D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe => Ningún archivo
FirewallRules: [UDP Query User{DB51B871-FD06-46A9-89C4-2BE020E111F4}D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe] => (Allow) D:\ghost recon future soldier\tom clancys ghost recon future soldier\future soldier dx11.exe => Ningún archivo
FirewallRules: [TCP Query User{F510D060-C5D2-4029-8BD2-2E2CF933EA8D}D:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) D:\steam\steamapps\common\battlefield 2042\bf2042.exe => Ningún archivo
FirewallRules: [UDP Query User{E8058751-269B-40FA-80D0-4B7A12809756}D:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) D:\steam\steamapps\common\battlefield 2042\bf2042.exe => Ningún archivo
FirewallRules: [{52875699-6D78-49B9-8227-699C2C531DA9}] => (Allow) D:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Ningún archivo
FirewallRules: [{BADFF65C-A01E-4F87-859A-3FCC08ADE6D7}] => (Allow) D:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Ningún archivo
FirewallRules: [TCP Query User{813122F4-BA62-4251-BAE8-5B3E0152D214}D:\juegos epic\secondextinction\secondextinctioneos.exe] => (Allow) D:\juegos epic\secondextinction\secondextinctioneos.exe => Ningún archivo
FirewallRules: [UDP Query User{B9182AB4-8F73-4091-8036-46BDB2DD6F94}D:\juegos epic\secondextinction\secondextinctioneos.exe] => (Allow) D:\juegos epic\secondextinction\secondextinctioneos.exe => Ningún archivo
FirewallRules: [{B129B496-BC8E-400E-B1AC-28FB6E853935}] => (Allow) D:\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe => Ningún archivo
FirewallRules: [{06C52D54-9520-4CB4-9E4A-D58544A1D57B}] => (Allow) D:\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe => Ningún archivo
FirewallRules: [{A287B231-2302-4978-A0FD-956DB03B9098}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Ningún archivo
FirewallRules: [{90FD0909-6AA2-4E63-9AC0-B4C218E3F113}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Ningún archivo
FirewallRules: [TCP Query User{0953E823-FE0A-428C-935D-E42A2296CB02}D:\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\valorant\riot games\riot client\riotclientservices.exe => Ningún archivo
FirewallRules: [UDP Query User{0CCF996B-1E82-469F-B6EC-48A31031DA1E}D:\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\valorant\riot games\riot client\riotclientservices.exe => Ningún archivo
FirewallRules: [{14007E37-DF4A-4B38-AB5B-687195FED331}] => (Allow) C:\Users\German\AppData\Local\Programs\Opera\79.0.4143.22\opera.exe => Ningún archivo
C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
C:\Program Files\McAfee
C:\ProgramData\Altruistic\Altruistic.exe
C:\ProgramData\Altruistic
C:\Users\German\AppData\Roaming\Altruistic

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.

========================= Folder: C:\Program Files\McAfee ========================

no encontrado.

====== Final de Folder: ======


========================= Folder: C:\ProgramData\Altruistic ========================

2022-08-09 13:46 - 2022-08-09 13:46 - 018029528 ____A [DFF2202B9B6350AC366D1EA67B365E58] (Altruistic Software -> Altruistic Software) [Archivo no firmado] C:\ProgramData\Altruistic\Altruistic.exe
2022-08-09 13:46 - 2022-08-09 13:46 - 000212440 ____A [00000000000000000000000000000000] () <==== ATENCIÓN [cero bytes Archivo/Carpeta] C:\ProgramData\Altruistic\AltruisticUninstaller.exe
2022-08-25 20:08 - 2022-08-25 20:08 - 000000048 ____A [5172184344C6C1FBDFA976A5B595B6A9] () C:\ProgramData\Altruistic\settings.ini

====== Final de Folder: ======


========================= Folder: C:\Users\German\AppData\Roaming\Altruistic ========================

2022-08-17 18:12 - 2022-08-17 18:12 - 000000040 ____A [530BEAA7F1C0CA65813F930BBE48EBA7] () C:\Users\German\AppData\Roaming\Altruistic\settings.ini

====== Final de Folder: ======


========================= Folder: C:\ProgramData\ZeroTier ========================

====== Final de Folder: ======


========================= Folder: C:\Program Files\RAVAntivirus ========================

2022-08-09 13:49 - 2022-08-09 13:49 - 000411416 ____A [8C7DEA69104B480EFDDB0F1968C878E8] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\RAVAntivirus\AntivirusInstaller.exe
2022-08-09 13:48 - 2022-08-09 13:48 - 001589968 ____A [E9F0C5C1775345A6AA1DFD257ED10905] (Reason Cybersecurity Inc. -> Reason Cybersecurity Inc.) C:\Program Files\RAVAntivirus\Uninstall.exe

====== Final de Folder: ======


========================= Folder: C:\Program Files (x86)\rsStubActivator-1.1.1 ========================


====== Final de Folder: ======


========================= Folder: C:\Users\German\AppData\Local\HLL ========================

====== Final de Folder: ======


========================= Folder: C:\Users\German\AppData\Roaming\uTorrent ========================

====== Final de Folder: ======


========================= File: C:\ProgramData\Altruistic\Altruistic.exe;C:\WINDOWS\SysWOW64\PnkBstrA.exe;C:\WINDOWS\xhunter1.sys;C:\WINDOWS\System32\drivers\zttap300.sys ========================

C:\ProgramData\Altruistic\Altruistic.exe
Archivo no firmado
MD5: DFF2202B9B6350AC366D1EA67B365E58
Fecha de creación y modificación: 2022-08-09 13:46 - 2022-08-09 13:46
Tamaño: 018029528
Atributos: ----A
Nombre de la compañía: Altruistic Software -> Altruistic Software
Interno Nombre: Service
Original Nombre: Service
Producto: Altruistic
Descripción: Altruistic
Archivo Versión: 1.6.2.3
Producto Versión: 1.6.2.3
Copyright: Altruistic Software © 2022
VirusTotal: https://www.virustotal.com/gui/file/a845bc333866fa645a7aa1bd95789b214731937077caa71d758d36e65e67250d/detection/f-a845bc333866fa645a7aa1bd95789b214731937077caa71d758d36e65e67250d-1660205152

C:\WINDOWS\SysWOW64\PnkBstrA.exe
El archivo está firmado digitalmente
MD5: 3A2E85F7D90D15460C337CE80C2E3B29
Fecha de creación y modificación: 2021-06-28 21:56 - 2021-06-28 21:56
Tamaño: 000076888
Atributos: ----A
Nombre de la compañía: Even Balance, Inc. -> Altruistic Software -> Altruistic Software
Interno Nombre: Service
Original Nombre: Service
Producto: Altruistic
Descripción: Altruistic
Archivo Versión: 1.6.2.3
Producto Versión: 1.6.2.3
Copyright: Altruistic Software © 2022
VirusTotal: https://www.virustotal.com/gui/file/eecaa20359fd2d75d6a564a3baadacaa2cb69d061e455aa3f75055a3eab54168/detection/f-eecaa20359fd2d75d6a564a3baadacaa2cb69d061e455aa3f75055a3eab54168-1661366472

C:\WINDOWS\xhunter1.sys
El archivo está firmado digitalmente
MD5: E031D482CE4EF80CB81B035AF7A0D669
Fecha de creación y modificación: 2020-02-29 20:47 - 2020-02-29 20:47
Tamaño: 002719256
Atributos: ----A
Nombre de la compañía: Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.
Interno Nombre: xhunter1.sys
Original Nombre: xhunter1.sys
Producto: XIGNCODE3
Descripción: XIGNCODE3 System Guard
Archivo Versión: 10.0.10011.16384
Producto Versión: 10.0.10011.16384
Copyright: Copyright (c) 2006-2013 Wellbia.com Co., Ltd.
VirusTotal: https://www.virustotal.com/gui/file/5a59961e3a3d404377684725be304f6dc7af3431147841f06f744633d5d97972/detection/f-5a59961e3a3d404377684725be304f6dc7af3431147841f06f744633d5d97972-1660721997

C:\WINDOWS\System32\drivers\zttap300.sys
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem22.cat
El archivo está firmado digitalmente
MD5: B683837B40FDA27AD0B44858FA897CA9
Fecha de creación y modificación: 2018-03-16 10:55 - 2018-03-16 10:55
Tamaño: 000030488
Atributos: ----A
Nombre de la compañía: ZeroTier Networks LLC -> ZeroTier Networks LLC
Interno Nombre: zttap300.sys
Original Nombre: zttap300.sys
Producto: ZeroTier One Virtual Network Port
Descripción: ZeroTier One Virtual Network Port
Archivo Versión: 3.0.0 3/0
Producto Versión: 3.0.0 3/0
Copyright: ZeroTier, Inc., OpenVPN Technologies, Inc.
VirusTotal: https://www.virustotal.com/gui/file/f058d6224e352e23fb24d6f84635dc465d4bb5b23fc3cbc07b8ea17fb6e96fbc/detection/f-f058d6224e352e23fb24d6f84635dc465d4bb5b23fc3cbc07b8ea17fb6e96fbc-1647858408
====== Final de File: ======

VirusTotal: C:\ProgramData\Altruistic\Altruistic.exe => (3) Error
VirusTotal: C:\WINDOWS\SysWOW64\PnkBstrA.exe => https://www.virustotal.com/gui/file/eecaa20359fd2d75d6a564a3baadacaa2cb69d061e455aa3f75055a3eab54168/detection/f-eecaa20359fd2d75d6a564a3baadacaa2cb69d061e455aa3f75055a3eab54168-1661366472
VirusTotal: C:\WINDOWS\xhunter1.sys => https://www.virustotal.com/gui/file/5a59961e3a3d404377684725be304f6dc7af3431147841f06f744633d5d97972/detection/f-5a59961e3a3d404377684725be304f6dc7af3431147841f06f744633d5d97972-1660721997
VirusTotal: C:\WINDOWS\System32\drivers\zttap300.sys => https://www.virustotal.com/gui/file/f058d6224e352e23fb24d6f84635dc465d4bb5b23fc3cbc07b8ea17fb6e96fbc/detection/f-f058d6224e352e23fb24d6f84635dc465d4bb5b23fc3cbc07b8ea17fb6e96fbc-1647858408
C:\Program Files\McAfee\WebAdvisor\uihost.exe => No se encontró ningún proceso en ejecución
[2032] C:\ProgramData\Altruistic\Altruistic.exe => proceso cerrado correctamente.
C:\Program Files\McAfee\WebAdvisor\servicehost.exe => No se encontró ningún proceso en ejecución
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Genshin Impact Beta_Launcher" => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => valor restaurado correctamente
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => valor restaurado correctamente
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{98647291-5750-11eb-8c34-e0d55e456318} => eliminado correctamente
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab07a6cb-910b-11ec-8c61-e0d55e456318} => eliminado correctamente
HKU\S-1-5-21-60943599-1268960206-3839154373-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab07a727-910b-11ec-8c61-e0d55e456318} => eliminado correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{16B90B7E-5E26-4931-AC53-4349A8B5EDC6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16B90B7E-5E26-4931-AC53-4349A8B5EDC6}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1660063611 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1660063611" => eliminado correctamente
HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\ProxyMgr\{1A6B70D3-BF32-4E36-A637-7E2F9717EA9D} => eliminado correctamente
HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\ProxyMgr\{F0CCE269-1B3D-421C-9114-DB70367A9782} => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => eliminado correctamente
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => no encontrado
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => no encontrado
AltruisticsService => servicio no encontrado.
McAfee WebAdvisor => servicio no encontrado.
HKLM\System\CurrentControlSet\Services\rsDwf => eliminado correctamente
rsDwf => servicio eliminado correctamente
C:\$WinREAgent => movido correctamente

"C:\ProgramData\Altruistic" carpeta mover:

No pudo ser movido "C:\ProgramData\Altruistic" => Programado para moverse al reiniciar.


"C:\Users\German\AppData\Roaming\Altruistic" carpeta mover:

No pudo ser movido "C:\Users\German\AppData\Roaming\Altruistic" => Programado para moverse al reiniciar.

C:\Users\German\Downloads\universal adobe patcher.exe.lnk => movido correctamente
"C:\Program Files\McAfee" => no encontrado
"C:\ProgramData\McAfee" => no encontrado
C:\Users\German\AppData\Local\HLL => movido correctamente
C:\Users\German\AppData\Roaming\uTorrent => movido correctamente
No pudo ser movido "C:\DumpStack.log.tmp" => Programado para moverse al reiniciar.
C:\WINDOWS\tracing => ":?" ADS eliminado correctamente
C:\Users\German => ":Heroes & Generals" ADS eliminado correctamente
C:\ProgramData\DisplaySessionContainer1.log => ":F107EE40EF" ADS eliminado correctamente
C:\ProgramData\DisplaySessionContainer1.log_backup1 => ":2DD1EC5C91" ADS eliminado correctamente
C:\ProgramData\DisplaySessionContainer10.log => ":CCC93B07B0" ADS eliminado correctamente
C:\ProgramData\DisplaySessionContainer10.log_backup1 => ":AD433BF298" ADS eliminado correctamente
C:\ProgramData\DisplaySessionContainer11.log_backup1 => ":97A90964FA" ADS eliminado correctamente
C:\ProgramData\DisplaySessionContainer12.log => ":C40F6B9209" ADS eliminado correctamente
C:\ProgramData\DisplaySessionContainer12.log_backup1 => ":7CC29836A6" ADS eliminado correctamente
C:\ProgramData\DisplaySessionContainer13.log => ":AE3C879266" ADS eliminado correctamente
C:\ProgramData\DisplaySessionContainer14.log => ":DE1448F4D7" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk => ":21661D084B" ADS eliminado correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk => ":60EC9648C0" ADS eliminado correctamente
"C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" => no encontrado
"C:\Program Files\McAfee" => no encontrado
No pudo ser movido "C:\ProgramData\Altruistic\Altruistic.exe" => Programado para moverse al reiniciar.

"C:\ProgramData\Altruistic" carpeta mover:

No pudo ser movido "C:\ProgramData\Altruistic" => Programado para moverse al reiniciar.


"C:\Users\German\AppData\Roaming\Altruistic" carpeta mover:

No pudo ser movido "C:\Users\German\AppData\Roaming\Altruistic" => Programado para moverse al reiniciar.


========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en ZeroTier One [12ac4a1e719050ed] mientras los medios
estén desconectados.

Adaptador de Ethernet Ethernet:

   Sufijo DNS específico para la conexión. . : 
   Vínculo: dirección IPv6 local. . . : fe80::f8e6:81b9:6121:7d86%6
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.61
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::a264:8fff:feec:6a02%6
                                       192.168.1.1

Adaptador de Ethernet ZeroTier One [12ac4a1e719050ed]:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final de CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-60943599-1268960206-3839154373-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-60943599-1268960206-3839154373-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

FlushDNS => completado
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 99357605 B
Java, Discord, Steam htmlcache => 1177692497 B
Windows/system/drivers => 14805752 B
Edge => 30720 B
Chrome => 454279594 B
Firefox => 0 B
Opera => 4949150 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 23388 B
NetworkService => 23388 B
German => 126539691 B

RecycleBin => 2597600 B
EmptyTemp: => 1.8 GB datos temporales eliminados.

================================

Resultado de los archivos programados para mover (Modo de Inicio: Normal) (Fecha y Hora: 25-08-2022 21:05:34)

C:\ProgramData\Altruistic => movido correctamente
C:\Users\German\AppData\Roaming\Altruistic => movido correctamente
C:\DumpStack.log.tmp => No pudo ser movido
C:\ProgramData\Altruistic\Altruistic.exe => Se ha movido correctamente
C:\ProgramData\Altruistic => Se ha movido correctamente
C:\Users\German\AppData\Roaming\Altruistic => Se ha movido correctamente

==== Final  Fixlog 21:05:34 ====

Regarding point 0: ESN Sonar is something that was installed together with Altruistic; I thought I had removed it.

MSVCRT, I don't know what it is; I had never come across it in my life.

ZeroTier, I know it has been on my PC for a good while, but I don't remember installing it at any point.

Altruistic was moved to Avast's quarantine during the fix. Should I delete it or leave it in quarantine? Apparently it has stopped and no longer shows up as a routine.

Regards!!
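An added example, not part of the original posts and not FRST's own code: a small Python triage of a Fixlog in the format shown above, listing the lines that report a failure and the sections whose changes only take effect after a reboot. The sample text is a constructed excerpt, and the marker phrases are assumptions taken from the Spanish-locale output on this page.

```python
import re

# Section headers look like "========= netsh winsock reset =========".
HEADER = re.compile(r"^=+\s*([^=].*?)\s*=+$")
# Assumed failure phrases, copied from the Spanish-locale log on this page.
# They contain no accented letters, so they also match the mis-encoded raw log.
FAILURE_MARKERS = ("No pudo ser movido", "Error al restablecer", "Acceso denegado")
# Assumed phrases meaning the action only completes after a reboot.
REBOOT_MARKERS = ("Debe reiniciar el equipo", "Reinicie el equipo")

# Constructed sample modelled on the log format above (not the full original log).
SAMPLE_FIXLOG = """\
========= netsh winsock reset =========

El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.

========= Final de CMD: =========

========= netsh int ipv4 reset =========

Interfaz se restableció correctamente.
Error al restablecer .
Acceso denegado.
Reinicie el equipo para completar esta acción.

========= Final de CMD: =========

C:\\ProgramData\\Altruistic => movido correctamente
C:\\DumpStack.log.tmp => No pudo ser movido
"""

def triage_fixlog(text):
    """Return (failures, reboot_sections); failures holds (section, line) pairs."""
    section, failures, reboot = "(preamble)", [], []
    for raw in text.splitlines():
        line = raw.strip()
        match = HEADER.match(line)
        if match:
            title = match.group(1)
            # A "Final de ..." header closes a section; later lines are top level.
            section = "(top level)" if title.startswith("Final") else title
            continue
        if any(marker in line for marker in FAILURE_MARKERS):
            failures.append((section, line))
        if any(m in line for m in REBOOT_MARKERS) and section not in reboot:
            reboot.append(section)
    return failures, reboot

if __name__ == "__main__":
    failed, needs_reboot = triage_fixlog(SAMPLE_FIXLOG)
    for sec, line in failed:
        print(f"FAILED  [{sec}] {line}")
    print("Reboot needed after:", ", ".join(needs_reboot))
```
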

First of all, sorry for taking so long to reply, @Defcon. Lately I have very little time for the forum, so that is normal. But we will follow the case through to the end.

:+1: We are on the right track, but we are not finished yet.

OK.

Ok.

Ok.

NO. If anything, to the FRST QUARANTINE.

Yes, with what we have done the bug is dead, but don't get excited… we are not there yet. Don't remove or do anything I haven't told you to.

Generally, if you have malware in the QUARANTINE it is no longer “alive” and no longer harmful to your machine. But if you restore the quarantine instead of emptying it, watch out :eye: because the bug will come back to life, so be careful with this.

Now, do the following:

:zero: Now you must make a BACKUP OF THE REGISTRY. To do so:

  • Restart the computer in Normal Mode.

  • Download DelFix to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select Run as Administrator.)

  • Tick only the Create registry backup box, and make sure the rest are not selected.

  • Click Run.

The report (DelFix.txt) will open; you can close it. But keep it in case I ask for it/it is needed in the future.

Next, CLOSE ALL PROGRAMS, go to Start >> Run and type Notepad.exe

  • Now you must copy and paste the codes/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
MSVCRT Redists (HKLM\...\{3BFC9CAE-091D-11E4-886A-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
ZeroTier One (HKLM-x32\...\{80CEE5C9-4DF0-43F5-B232-484D6455978E}) (Version: 1.4.6 - ZeroTier, Inc.) Hidden
ZeroTier One Virtual Network Port (HKLM\...\{4AFE4740-C680-40FE-B6B0-0C15EB0176F1}) (Version: 1.0.0 - ZeroTier) Hidden

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Save it with the name FIXLIST.TXT on your desktop (VERY IMPORTANT), because otherwise the SCRIPT will not work: both files (FRST.exe and FIXLIST.TXT) must be located on the DESKTOP.

:warning: The repair script above is customized for the specific machine it was written for and was made specifically by a member of the Staff. If you have a similar problem, please open your own topic to receive personalized, specific help. Using scripts made for other systems can cause serious damage to your computer.

Finally (NOTE: in NORMAL MODE):

  1. Run FRST.exe again (if you use Windows Vista/7/8 or 10, right-click and select Run as Administrator).

  2. Click Fix/Corregir and wait for the process to finish. Don't do anything with the PC while it is carrying out these repairs, even if it seems to have frozen. Don't touch it, and wait.

  3. When it finishes, the file FIXLOG.TXT will be created on the DESKTOP; bring it in your next reply.

  4. Restart the computer in Normal Mode, check how it works for a while, and tell me how the problem you originally reported is going.

:warning: Very Important :warning: Post the report I asked for as shown in the following image:

Regards.

Now we carry on and go for bingo, hahaha.

:one: UNINSTALLATION

For the programs I tell you to remove, do it like this:

Uninstall them with Revo Uninstaller in its Advanced Mode. To do so, follow the program-uninstallation part of its manual.

Remove the following programs:

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
MSVCRT Redists (HKLM\...\{3BFC9CAE-091D-11E4-886A-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
ZeroTier One (HKLM-x32\...\{80CEE5C9-4DF0-43F5-B232-484D6455978E}) (Version: 1.4.6 - ZeroTier, Inc.) Hidden
ZeroTier One (HKLM-x32\...\ZeroTier One 1.4.6) (Version: 1.4.6 - ZeroTier, Inc.)
ZeroTier One Virtual Network Port (HKLM\...\{4AFE4740-C680-40FE-B6B0-0C15EB0176F1}) (Version: 1.0.0 - ZeroTier) Hidden

If you cannot find them with Revo, carry on with the following steps.

:two: NEW FRST LOGS

:one: Disable your antivirus :arrow_forward: How to temporarily disable an antivirus and any security program you have enabled.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and nowhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the right version for your computer's architecture (32 or 64 bits). :arrow_forward: How do I know whether my Windows is 32 or 64 bits?

:warning: Once FRST is downloaded, disconnect your computer completely from the Internet (turn off the router) >> Super Important. Right after that, also close any other program you have open.

:two: Farbar Recovery Scan Tool

  1. Run FRST.exe (if you use Windows Vista/7/8 or 10, right-click and select Run as Administrator).

  2. A window with a Disclaimer message will appear; click Si or Yes.

  3. In the program's main window, click Analizar/Scan and wait for the scan to finish.

  4. Two logs/reports will appear: Frst.txt and Addition.txt. They will be saved on the desktop.

:three: Enable your antivirus and any security program you had enabled again. Also reconnect your computer to the Internet.

:four: NEXT REPLY

Paste the FRST and Addition.txt reports. You must post both reports in full, with absolutely all their content. You will need to split them across several messages if you get an error/warning message saying that the report making up the message is too long (more than approx. 50,000 characters).

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Don't carry out steps/actions that WE have not told you to.
  • Don't download ANYTHING from the Internet and/or connect external devices to your computer.
  • Don't install ANYTHING (programs/software/add-ons/browser extensions…).
  • Don't run other security programs (Antivirus, Antimalware, ANTI-ANYTHING…).
  • Don't carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it, following our instructions.

:warning: Very Important :warning: Post the different reports I asked for as shown in the following image:

Regards.

1 like