Ventana a cada rato de como abrir archivo .exee

Hola, llegue al foro por que es mi ultima salvación antes de formatear, cosa que no quiero, hay mucho trabajo que no quiero perder y que capaz este olvidando.

Resulta que hace unos dias instale un programa que contenia un exe junto con otro archivo, pero luego de ejecutarlo, me pedia mas archivos para que este ejecutase cosa que no hizo que funcionase, porlo que procedi a eliminarlo y no dejar rastro, pero este dejo infectado mi computador, ocasionando que cada treinta segundos o un minuto se abra esta ventana, queriendo abrir un .exee o .exe que nisiquiera existe.

Si le doy abrir con firefox, firefox me dice esto.

Pero voy a el directorio /temp y no encuentro ninguna carpeta que se llame sys32

No se que hacer ya, he pasado muchas veces el adwcleaner, el malwarebytes, y muchos otros antivirus.

Hola Azerothl

Vamos a desinfectar tu pc. Si bien ya realizaste algunos pasos por tu cuenta vamos a repetirlos para asegurarnos que ejecutes bien las herramientas.

EN BUSCA / ELIMINACIÓN DE MALWARE

(Mantén conectados todos tus dispositivos externos que tengas como: USBs, discos duros externos, etc).

Por favor, descarga todo el software de los enlaces que pongo/de sus respectivos manuales.

Ahora ejecutarás una serie de herramientas respetando el orden los pasos con todos los programas cerrados incluidos los navegadores.

Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas y discos duros externos si también tienes.

Realiza los pasos que te pongo a continuación, sin cambiar el orden y síguelos al pie de la letra:

0) Descarga **Ccleaner **Aquí te dejo su manual: Manual de CCleaner , para que sepas como usarlo y configurarlo correctamente.

Lo instalas y lo ejecutas. En la pestaña Limpieza personalizada dejas la configuración predeterminada. Haces clic en Analizar y esperas a que termine. Seguidamente haz clic en Ejecutar Limpiador. Clic en la pestaña Registro > clic en Buscar Problemas esperas que termine. Finalmente clic en Reparar Seleccionadas y realizas una Copia de Seguridad del registro de Windows.

1) Descarga, instala, actualiza y ejecuta Malwarebytes’ Anti-Malware. Aquí te dejo su manual: Manual de Malwarebytes , para que sepas como usarlo y configurarlo correctamente.

• Realizas un Análisis Personalizado, marcando Todas las casillas de la Derecha y de la Izquierda, actualizando si te lo pide. Es decir: conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas y marcas todas las unidades de disco disponibles y las siguientes casillas:

1. Analizar objetos en memoria
2. Analizar configuracion de inicio y registro
3. Analizar dentro de los archivos

• Pulsar en “Eliminar Seleccionados” para enviar las infecciones a la cuarentena y Reinicias el ordenador.
• Para acceder posteriormente al informe del análisis te diriges a: Informes >> Registro de análisis >> pulsas en Exportar >> Copiar al Portapapeles y pones el informe en tu próxima respuesta.

2) Descarga Adwcleaner en el escritorio.

• Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7/8 u 10 presiona clic derecho y selecciona “Ejecutar como Administrador.”)
• Pulsar en el botón Analizar Ahora, y espera a que se termine el análisis. Inmediatamente pulsa sobre el botón Iniciar Reparación.
• Espera a que termine y sigue las instrucciones que te aparezcan. Si te pidiera Reiniciar, pues reinicias el ordenador pulsando en Aceptar.
• Si no encuentra nada, pulsa en Omitir Reparación.
• El log lo encontrarás en la pestaña Informes, volviendo a abrir el programa, si es necesario o en la siguiente ubicación: C:\AdwCleaner\Logs\AdwCleaner[C0].txt.
• Para más información aquí te dejo su manual: Manual de Adwcleaner.
• Activa de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.

3) Utiliza nuevamente CCleaner tal como te dije en el punto 0.

Pegas los reportes de Malwarebytes y AdwCleaner y comentas como va el problema inicial planteado por el cual abriste este tema. También responde a las preguntas que te haya realizado a lo largo de este Post, siempre que te haya hecho alguna, si no, no

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

Mira, hice lo que dijiste pero aun sigo teniendo la misma ventana, crei que el registro de ccleaner podria solucionarlo, pero nada. Gracias por la ayuda.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-13-2021
# Duration: 00:00:00
# OS:       Windows 10 Pro
# Cleaned:  6
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hades
Deleted       C:\Users\SANTI\AppData\Local\Temp\PremierOpinion

***** [ Files ] *****

Deleted       C:\Users\SANTI\Desktop\GOODGAME EMPIRE.URL

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted       cknghehebaconkajgiobncfleofebcog

***** [ Chromium URLs ] *****

Deleted       Search
Deleted       Search the web (Babylon)

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1690 octets] - [13/09/2021 04:07:47]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Este texto estará oculto

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/1/22
Hora del análisis: 14:36
Archivo de registro: faafc516-7895-11ec-b4f7-18c04daa9e60.json

-Información del software-
Versión: 4.5.0.152
Versión de los componentes: 1.0.1538
Versión del paquete de actualización: 1.0.49971
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 19042.1466)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 409881
Amenazas detectadas: 13
Amenazas en cuarentena: 0
Tiempo transcurrido: 4 min, 0 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 2
PUP.Optional.Funmoods, C:\USERS\SANTI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 327, 455240, , , , , , 
PUP.Optional.Babylon, C:\USERS\SANTI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Sin acciones por parte del usuario, 395, 455059, , , , , , 

Archivo: 11
PUP.Optional.Funmoods, C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Sin acciones por parte del usuario, 327, 455240, , , , , C937280F0374F8A5B3F90908562FE0A7, 8E54D7AD95254C39E9DDC408D11A1C6EA82E6BD4C2B40DCB7FC6C87458974B9C
PUP.Optional.Funmoods, C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000016.log, Sin acciones por parte del usuario, 327, 455240, , , , , 2418C28120DE6071247C20A263571A7A, 2CBFECDDC5191A4E312E968EAF5878B16CFDEFDF61F2ED29C62164E195A6F134
PUP.Optional.Funmoods, C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000018.ldb, Sin acciones por parte del usuario, 327, 455240, , , , , FBE1315B69FE58AF8A141878629A3F8E, 6AC9F27631815B13028C4591321D2780010DC7186E86CBA84A8A73F9061ED126
PUP.Optional.Funmoods, C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Sin acciones por parte del usuario, 327, 455240, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Funmoods, C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Sin acciones por parte del usuario, 327, 455240, , , , , , 
PUP.Optional.Funmoods, C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Sin acciones por parte del usuario, 327, 455240, , , , , 0676A875DA9D066DAFB5DE600CD53CDD, 03753596B21BE9825A730B64840DB1FF601F21ADFD5D8AF6BC5470510C90A8FD
PUP.Optional.Funmoods, C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Sin acciones por parte del usuario, 327, 455240, , , , , 8027C137EFFFACD7442CA99D2F798489, 622781B98F6D9BDEFA1E42907D55173052D5B8FF0A5FCB78E52A2E2E014F4A26
PUP.Optional.Funmoods, C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Sin acciones por parte del usuario, 327, 455240, , , , , 91EA42FE9092F36BDA31A973AEAAB2B7, 5D2EBBE204FF45027D364006FE2CFAF1AD35D1B57344B8C08793E953E6475542
PUP.Optional.Funmoods, C:\USERS\SANTI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sin acciones por parte del usuario, 327, 455240, , , , , E83E0E6EEF041CE09CB8D8E4401CC9BD, 09E7EEDF534A7603B42B77202FEC387EF969FBEE61660A87747DEB02E17C926B
PUP.Optional.Funmoods, C:\USERS\SANTI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 327, 455240, 1.0.49971, , ame, , 681FCD221D97C7E0A86DD5E5CE4008E4, 858609EC8AB0709EF846D34A77AD120BF1B92917A7B9DE54950E4D6004D48487
PUP.Optional.Babylon, C:\USERS\SANTI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sin acciones por parte del usuario, 395, 455059, 1.0.49971, , ame, , 681FCD221D97C7E0A86DD5E5CE4008E4, 858609EC8AB0709EF846D34A77AD120BF1B92917A7B9DE54950E4D6004D48487

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)```

Hola nuevamente

Estas ejecutando mal malwarebytes y lo que encontro no se ve que fuera eliminado.

Ejecútalo de nuevo de esta forma y luego pasa ccleaner nuevamente

Vale disculpa, mira. Ya pude hacerlo correctamente. Pero se perfectamente que el problema no esta en los otros discos, por que todo se dio luego de descargar dicho programa en disco C.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 20/1/22
Hora del análisis: 10:31
Archivo de registro: 0753ecee-7999-11ec-bd89-18c04daa9e60.json

-Información del software-
Versión: 4.5.0.152
Versión de los componentes: 1.0.1538
Versión del paquete de actualización: 1.0.50031
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 19042.1466)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-H90MM26\SANTI

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 2227431
Amenazas detectadas: 128
Amenazas en cuarentena: 128
Tiempo transcurrido: 23 hr, 6 min, 3 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 128
Malware.Heuristic.1008, F:\WARCRAFT III\KEYGEN.EXE, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003F0, dds, 01605672, E87E77E462D6F89FF92CA88459E1089E, A4A94B4DA1D188CD4F825E92C211C35FE7D196077320221DEACA45DDAEEAF211
Generic.Malware/Suspicious, F:\WARCRAFT III\KEYGEN.EXE, En cuarentena, 0, 392686, 1.0.50031, , shuriken, , E87E77E462D6F89FF92CA88459E1089E, A4A94B4DA1D188CD4F825E92C211C35FE7D196077320221DEACA45DDAEEAF211
Malware.AI.4220848308, F:\PC 2.0\EYECHECKER (8).EXE, En cuarentena, 1000000, 0, 1.0.50031, 7A141FC2834B5613FB9508B4, dds, 01605672, 2E9D8BB150160DD583CD7154698372A7, B2386624E32D59F5494E67392729A2391830705BE4E2950B0AD5A2F2872E2F81
Malware.AI.4220848308, E:\$RECYCLE.BIN\S-1-5-21-3632613967-273524341-1505577580-1001\$RM4877S.EXE, En cuarentena, 1000000, 0, 1.0.50031, 7A141FC2834B5613FB9508B4, dds, 01605672, A49EFFD5983326CDF5278473FADD8DD5, 2F2907827CADFEEDC5C6395D50BACC6ADF405B42527F9B0928F8A35D1BCA99DF
MachineLearning/Anomalous.94%, E:\$RECYCLE.BIN\S-1-5-21-3632613967-273524341-1505577580-1001\$RN6T2QL.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , DC4F1363BB5A3F0EF5D8546AE0F5D9AE, D13FDF2F21A02AFE1EA4E895F51FC4D84435469CCC2589458DC80201909AB9AA
MachineLearning/Anomalous.94%, E:\$RECYCLE.BIN\S-1-5-21-3632613967-273524341-1505577580-1001\$RBKIVYA.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , DC4F1363BB5A3F0EF5D8546AE0F5D9AE, D13FDF2F21A02AFE1EA4E895F51FC4D84435469CCC2589458DC80201909AB9AA
MachineLearning/Anomalous.94%, E:\$RECYCLE.BIN\S-1-5-21-3632613967-273524341-1505577580-1001\$RP2BZQR.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , DC4F1363BB5A3F0EF5D8546AE0F5D9AE, D13FDF2F21A02AFE1EA4E895F51FC4D84435469CCC2589458DC80201909AB9AA
MachineLearning/Anomalous.94%, E:\$RECYCLE.BIN\S-1-5-21-3632613967-273524341-1505577580-1001\$RRU9JKW.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , DC4F1363BB5A3F0EF5D8546AE0F5D9AE, D13FDF2F21A02AFE1EA4E895F51FC4D84435469CCC2589458DC80201909AB9AA
MachineLearning/Anomalous.94%, E:\$RECYCLE.BIN\S-1-5-21-3632613967-273524341-1505577580-1001\$RHNBR00.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , DC4F1363BB5A3F0EF5D8546AE0F5D9AE, D13FDF2F21A02AFE1EA4E895F51FC4D84435469CCC2589458DC80201909AB9AA
MachineLearning/Anomalous.94%, E:\$RECYCLE.BIN\S-1-5-21-3632613967-273524341-1505577580-1001\$R3A2IB4.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , DC4F1363BB5A3F0EF5D8546AE0F5D9AE, D13FDF2F21A02AFE1EA4E895F51FC4D84435469CCC2589458DC80201909AB9AA
PUP.Optional.MailRu, E:\ADWCLEANER\QUARANTINE\ZDGC81TBDK\MAIL.RU.LNK, En cuarentena, 247, 511420, 1.0.50031, , ame, , C83876EC837F176096D97CB4DF82C13B, 99F0F46F355735AF2FE7BA6CEE50B14DD03306E6568D4AED727BBE63010F6706
MachineLearning/Anomalous.94%, E:\USERS\KEVIN\APPDATA\LOCAL\TEMP\RARSFX0\MENDIGOSCHECKER.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , 6B275145496E81255801B48AA0B78CED, 78AB72DC36DDE92BF149EA4B39F965511390F75AC9733E1FBE59FDBD7FA443C3
MachineLearning/Anomalous.94%, E:\USERS\KEVIN\APPDATA\LOCAL\TEMP\RARSFX9\APP.PUBLISH\MENDIGOSCHECKER.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , BCB0255C9A6E16066C25D14A080B2FC8, EC9275A15DD82AB848E6812D0DB767B8C7FB21DEF5E42D930E3C9FBDD534982E
MachineLearning/Anomalous.94%, E:\USERS\KEVIN\APPDATA\LOCAL\TEMP\RARSFX9\MENDIGOSCHECKER.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , FAFCD849E3EC6AA5EC55B9807CF22B42, A88726FE95A3205077F636DA8667CACA3CA806ED181596A716E7A48D8ACD563E
Malware.AI.4220848308, E:\USERS\KEVIN\DESKTOP\EYECHECKER (2).EXE, En cuarentena, 1000000, 0, 1.0.50031, 7A141FC2834B5613FB9508B4, dds, 01605672, BB966F62768D424383FE446CEAAD9321, 79CD6DD22F8B41600F19DAB19E3185F2B80BB6693E39C1BB74408562B0BB040E
HackTool.Agent, E:\USERS\KEVIN\DOWNLOADS\SLAYER_LEECHER_V0.6.RAR, En cuarentena, 3866, 802379, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 13732DB9B6E61FC390009ADBA76C251D, A489F71F24DB00FBDB463753CD51ECABB9291CA8234A942B90F9C9FBF1F7D0A7
Malware.AI.4257026827, E:\USERS\KEVIN\DOWNLOADS\MAILS BRUTE.RAR, En cuarentena, 1000000, 0, 1.0.50031, 473A155F4717EE3CFDBD130B, dds, 01605672, 149D3166B748FA3BD50A3AC1884430E7, F8AE4425E382B13241E40FCAF8D174C941A03EF8258899859755A88CDD4BF4E4
Malware.AI.4275296128, E:\USERS\KEVIN\DOWNLOADS\MULTIKING.RAR, En cuarentena, 1000000, 0, 1.0.50031, BAAC6E011C9FFA9AFED3D780, dds, 01605672, 8E4B499AA26C240DDAE089BC9250CF5D, 97B3D0B9F6EB71E3588704926FB307027031B994C8A4114814B9621A8098CB54
MachineLearning/Anomalous.94%, E:\USERS\KEVIN\DOWNLOADS\MENDIGOSCHECKER2.0.1.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , 4014B3C5ED457101A3E7AC5085A9CA64, 36209C68E47FD3C3D464ED14128EFBCB2E631A324BF437025DF9F0F2C436A0BC
MachineLearning/Anomalous.94%, E:\USERS\KEVIN\DOWNLOADS\MENDIGOSTEMPNEW.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , 2EBE5E6E18710A6F3E00052E63677124, 8E660D1B66B7D39E44BCB89DE29356B6ACAA838352D5D7FA74E8163D77004F7B
Generic.Malware/Suspicious, E:\USERS\KEVIN\DOWNLOADS\VYPERVPN_CHECKER_2018.RAR, En cuarentena, 0, 392686, 1.0.50031, , shuriken, , D6561F8BA071E7EFB94C4B59B1B2FD84, C2D942F6D74A1FF11BFF681FFA5C29AED2F22B732B115945477AA84892407C03
Trojan.Dropper, E:\USERS\KEVIN\DOWNLOADS\ADFOC US CHECKER BY PAPARAZZITEAM.RAR, En cuarentena, 548, 715307, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 5D1B7EAF9DAA38B5E9548AB26DF016C7, 6A8101CFEB87AB5A1EEA9B7151CBECB754565B6683A86A18D46AD02582700C5C
HackTool.Agent, E:\USERS\KEVIN\DOWNLOADS\CRACKING STATION!.RAR, En cuarentena, 3866, 816586, 1.0.50031, 0000000000000000000003E9, dds, 01605672, 160E4D3C06641D3DC982AA3AA51FA9FD, 59DC77FED188FC25DE5033D65D02497B46CE5D92EF2200033B15617C09CDC210
Trojan.MZCrypt.MSIL.Generic, E:\USERS\KEVIN\DOWNLOADS\EBAY RC RELEASE.RAR, En cuarentena, 10815, 913542, 1.0.50031, C6AAAA78C652516C8E02B75A, dds, 01605672, C1C178275CBD87930F8A3506F9F78A79, E6522F8B7C2F886D113777C3A49E286E3B59FBB0E6ABCCE61BE1C7F0D40C9A29
Trojan.Dropper, E:\USERS\KEVIN\DOWNLOADS\ORIGIN CHECKER (1).RAR, En cuarentena, 548, 715307, 1.0.50031, B767AC89F71F5CC16FBA43B7, dds, 01605672, EDF990932B5A4C7BD7772E9BFFA11FFE, 40B48C0E103EFBF06A3CE941B33F810D714B5ECA2AB0AA40D36A94AE531FE022
Malware.AI.1246579502, E:\USERS\KEVIN\DOWNLOADS\EBAY REG CHECKER.RAR, En cuarentena, 1000000, 0, 1.0.50031, 0435B6B584E6AE274A4D4B2E, dds, 01605672, B704016F2385D3677EDE9119D5C709DA, B17785573466EFF42355183226262C3D990AF41E2E64A520AA538E5243BC7BA8
Generic.Malware/Suspicious, E:\USERS\KEVIN\DOWNLOADS\NEW ANTIPUBLIC 2018.RAR, En cuarentena, 0, 392686, 1.0.50031, , shuriken, , 80803D43027FF857563025A81250A2DB, FAC7EB1D46003DD3E44DC064D29B1EC1F4A48A29185F218D8B8905003EDA4CCB
Malware.AI.1223719359, E:\USERS\KEVIN\DOWNLOADS\CC_CHECKER_SRC_PROGRAM.RAR, En cuarentena, 1000000, 0, 1.0.50031, 37EB19A8B1DA39B848F079BF, dds, 01605672, EFD5E737CA2FF711B1358151FB618A67, F66FA3D3DE88754F2228BF98E1798B5E92ABE12BD46E4DAABEE11DC3368A90E8
Malware.AI.4220848308, E:\USERS\KEVIN\DOWNLOADS\EYECHECKER (1).EXE, En cuarentena, 1000000, 0, 1.0.50031, 7A141FC2834B5613FB9508B4, dds, 01605672, A49EFFD5983326CDF5278473FADD8DD5, 2F2907827CADFEEDC5C6395D50BACC6ADF405B42527F9B0928F8A35D1BCA99DF
MachineLearning/Anomalous.100%, E:\USERS\KEVIN\DOWNLOADS\AVIRA PHANTOM VPN 2.11.3.29834 SETUP + CRACK.RAR, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , 509A575C49A5761BE6D55138C82D3334, ED94FFBD6A8CE0BB938343400C2226C8906C15E413C3573A921C60147522F462
Malware.Heuristic.1003, E:\USERS\KEVIN\DOWNLOADS\AVIRA PHANTOM VPN 2.11.3.29834 SETUP + CRACK.RAR, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 509A575C49A5761BE6D55138C82D3334, ED94FFBD6A8CE0BB938343400C2226C8906C15E413C3573A921C60147522F462
MachineLearning/Anomalous.94%, E:\USERS\KEVIN\DOWNLOADS\EYEREGISTER.EXE, En cuarentena, 0, 392687, 1.0.50031, , shuriken, , BE5F40DE110E44802B0334C4DDF1BE31, F0E86AA94C23D287FD439803FF6A5914F94F5255ACA729F72BC12C64AD818FF5
Malware.AI.4220848308, E:\USERS\KEVIN\DOWNLOADS\EYECHECKER (2).EXE, En cuarentena, 1000000, 0, 1.0.50031, 7A141FC2834B5613FB9508B4, dds, 01605672, BB966F62768D424383FE446CEAAD9321, 79CD6DD22F8B41600F19DAB19E3185F2B80BB6693E39C1BB74408562B0BB040E
Malware.AI.4220848308, E:\USERS\KEVIN\DOWNLOADS\EYECHECKER.EXE, En cuarentena, 1000000, 0, 1.0.50031, 7A141FC2834B5613FB9508B4, dds, 01605672, 69DF01E9DD83926CC9B8D491131B2C37, 05315AF7A9F64A7BC8283B9A11932F0E28A44BD2492170AA8CA038ABD2A3D4CD
Malware.Heuristic.1003, E:\USERS\KEVIN\DOWNLOADS\EYEREGISTER.EXE, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, BE5F40DE110E44802B0334C4DDF1BE31, F0E86AA94C23D287FD439803FF6A5914F94F5255ACA729F72BC12C64AD818FF5
Malware.Heuristic.1003, C:\PROGRAM FILES (X86)\MAGICK CHECKER\MAGICK CHECKER.EXE, En cuarentena, 1000001, 980983, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 15F965D148F9CF27786FE1D2263545F6, B43139E5CFA4CA4BBADBF0041FF506A7AD02C5AE20E9DBC7987D45A2568F0445
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\SYSTEM.WEB\968939B0659C43620746745C9B7D1B38\SYSTEM.WEB.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 1CAF29F1AFBFE435100CC8B21B7A19F8, CE8C88A017D9B22EDBDA068EB9393D874203E8E538DE69FFD5B5489E9D87FC22
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.BUILD.VIS#\A49162884EFB594B053DCDDFED6DE8D6\MICROSOFT.BUILD.VISUALJSHARP.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 93A3F4ED88F481840605D84A91673731, 76E6A5E7A25A85631B961A146C5DE5B1610C336433026ACB5BFF49FF23022974
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.INK\334F9160C8EA6B11842AAC41A8A11F3C\MICROSOFT.INK.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, A6B0C69979A4829E78B0029EE1BDE0A6, 5E049D054753C19D1E1F0247C6AFA475958F0431DB32FA328B26B91EAD2E843C
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.OFFICE.TO#\221F967B1A0924BF2508DA5FAE2EC2FC\MICROSOFT.OFFICE.TOOLS.WORD.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 86A3D49C9475F0728A73A032FBFFC0B1, D23AEC18CA9908CD01B043B06B311A5A53F4F582E3A4E64B6B610B828EA9E25D
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.OFFICE.TO#\77D73D5447F66509E43B9D4B5858238C\MICROSOFT.OFFICE.TOOLS.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 1A72D29EDBDD4DBA67C1668F3B9079BA, 69F471B1E76983418F01EAD321B9FF4800457C3DF2192726BBD2D06275D7C406
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.OFFICE.TO#\AF2DF57DE2DA51DE89AA248379DEF0FC\MICROSOFT.OFFICE.TOOLS.OUTLOOK.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 4ADE0B7A7F2DF8A62803CD072409B925, 94838C8D8CA7AB5B8561293526564E17F0A3867B17F7A39F77012E0BDB08DB53
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.OFFICE.TO#\A1EF26057AF0C4E105EB6E5BA00BDA4B\MICROSOFT.OFFICE.TOOLS.COMMON.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 891F6F4E88C3E826A0798399A7CD4791, 672C25A4408B65C37CA37E3A88EC70D77373DF29CFF3AE924AF352D706B24B15
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.OFFICE.TO#\F2D2AE4303F5EC104F901F677F37B9C4\MICROSOFT.OFFICE.TOOLS.EXCEL.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 05AC0BD95CBFA558579BDD88B43A609D, C2DD081C9DA6A61DFC8BB4FEA70FAF2F30ED6148036B932FFC305E90E571ED66
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.POWERSHEL#\7F03B6A3F8F75569BCEBFEBB1296E65C\MICROSOFT.POWERSHELL.SECURITY.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 3B6C678420305DA6F8AF7415717BDB56, 6BEA9F82C7AD033DAC2158E4F6F1B3231F299431E2F78CDB7A8F2AFF691498B6
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.POWERSHEL#\C0B970115769713A610D365F24C7024D\MICROSOFT.POWERSHELL.CONSOLEHOST.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 1981A188173235FB99600F0BB73FC8A2, 783BB3E9703EF916F7093EC172F2D6DF9E24836C188B1AEEE97532E7F9586E7F
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.POWERSHEL#\D42BFB69D8565A07354FDF6FAA6EF577\MICROSOFT.POWERSHELL.COMMANDS.UTILITY.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, D04B7FEDB37FF0302712EFF98CCDEF2A, FF762C9938B3BC495AED24E935AA60C85041A678BE8666D044A09E46DC2424AC
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.POWERSHEL#\E2624D4627B4B6B3BB1E947ECC7929A8\MICROSOFT.POWERSHELL.COMMANDS.DIAGNOSTICS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, B92FF59C26BD95DB53537C919A6EDCD2, 6A46BD3C33ED2BC891DEF1024D32BA6336BC74E9447057578F2188E923841B8C
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\654708198E05A349CCDB1B8498BA23C0\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.EXCEL.ADDINADAPTER.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 4D249CFEEBF598E8010003ACF4AD2C75, 44571BD04DCA868B6316104692AAFE72821AF52BA9F62F17F13E8C17AF30E35B
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALBAS#\214C567A0BF2A97BD7FD784BA5EAC55E\MICROSOFT.VISUALBASIC.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, D2BD3A07D631A72783B7CA32E6E8DCAF, 7B55B8EE5DEE9088281CF412E9F24B3C8377A93A957170E03437C2B6A0525F34
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\01C4D84A95D5A6FBAE7F243CA024F9D0\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.APPINFODOCUMENT.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, EFEE177C08148A553BAB4EC50F66BA16, 547170972779958EBA87ED30D6D2F3D192EDC71FB50E0A5BFC4F8373AA2C6E73
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\02158D764BCA2B24F58C61F50F1025DE\MICROSOFT.VISUALSTUDIO.TOOLS.APPLICATIONS.RUNTIME.V10.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, B98960E55017ABC252BF7E7335D8E613, 0C55EB989847B2F4C6020C368601205D791A184F1976C6E7EAFCAF2626924501
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\0492B84F1A032C523A5A334AC7599A56\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.OUTLOOK.HOSTADAPTER.V10.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 50DDE02AD402829670E586D8E1BE7B98, 40BAA4AD6A0240A55364FD1A9367909834A1F28C5336784403970240F902E8CA
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\0DF9D2558F9F27F54592893993DC25C6\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.WORD.ADDINADAPTER.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, A0A98CBF310CD171A81B31EE263F94C5, 63E757C4748FA9A24E07099B6BB67BBE8FA2BB7506C0E6EF0CE76F77F8FF230E
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\0A6759C06D2A62BF4E83628A301CC6CB\MICROSOFT.VISUALSTUDIO.TOOLS.APPLICATIONS.ADAPTER.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 31535BE9F6057B2124413BB047E0EA3A, 656B05EB44C0BD6082DDFE5D43F7158385D2054359FE377F3CFFDE5C20357BBE
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\1D5C53520E70EE448C7708B4E89957DE\MICROSOFT.VISUALSTUDIO.TOOLS.APPLICATIONS.SERVERDOCUMENT.V10.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, BB31E6BC93D294AD00DC69A7B2907046, 7717781FC79615CE36A3D5C088D9B3684BC616977676BE8FA89055065E38AF5C
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\37F1968E5A17A48450962B2038ECC0A9\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.EXCEL.ADDINPROXY.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, DA5A295C2FF55103ABDEA77FB194A9A9, E46D9D937D5917E5E92F76805B946861C09ED6E7D2A5050F6F5B986A3A3D1B1A
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\3B2115E2963A77C151EE54B67CD86197\MICROSOFT.VISUALSTUDIO.TOOLS.APPLICATIONS.ADDINADAPTER.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, EB25E79FC2284522653CF993C61184C9, E2A2B083A60233241466F73486D2790B436C431C2A95AD57592E5E5B82F9B1AC
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\52B07047EA6DCB0F3CF3C64650E6554D\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.RUNTIME.V10.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 12EEE241BCAB3BEEA60B45F940B75949, 47BE13DF01D5555D94B286D21012CA22880C47FE21A78D95644C8A628D13F672
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\5BCD196B04E54547E1209C3FEDA41E97\MICROSOFT.VISUALSTUDIO.TOOLS.APPLICATIONS.RUNTIME.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, B9599C737EF9E7559255CD578A63C7B8, C907A3971B00BDD277F9A3096EC708674F527DDE21C6244DFCA027BD06ED30DA
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\607E2AB9BFFF5B8F9D965A3B22AFD599\MICROSOFT.VISUALSTUDIO.TOOLS.APPLICATIONS.HOSTING.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, C0EA01167A1F57B119272C53DE8D89D9, FA50CE284035D8B1757D3D62EE8839EB20D6AB4990E204AF0DF4F173EB5DF7A0
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\6B4E5462B3F432BD4FE82AECA158E1A2\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.CONTAINERCONTROL.V10.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 0309AFCADF552669E5EB4CBE5087F62E, 3E6593E83514921A3843F93E5899860452AD28988D62382CA12F42AE757A20E5
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\762688C6BC80FFE15AB4A6A0AB54B0FE\MICROSOFT.VISUALSTUDIO.TOOLS.APPLICATIONS.HOSTING.V10.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, D294A1CD0A32AC8BDCD160644E42060F, B6EE1715D5139D01A5C9002748845CB7AC109005ED0F5B808CCEEC2465EF0C97
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\7B32FD4054E13864A1006A544C6182AD\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.WORD.ADDINPROXY.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 2F77B3505F7619FE3848F15BB939ED91, 8BEE0A7F6CB0ACB10672AE38B1FC5F60287CE69F053688C007A5BDCF5BE29AC3
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\96769E4F731D595D070EB313FBDE2457\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.ADDINADAPTER.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 9A226A3D53614D288D3E56EF659D4212, 12E73893999A7429C317BA28546ACF35E95605AAF995183556C9A052334AE94A
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\96A859EABD968ADAF1FED34839CCC609\MICROSOFT.VISUALSTUDIO.TOOLS.APPLICATIONS.ADDINADAPTER.V10.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, FA2C45C417181B6F5C6CA7DFF3C05824, D828D6FD3D84F471FB024060130C42A42C03A627CF5B0935478158D20CE75052
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\9AD8D6344EC8A4BC1A18FC1E2CD284ED\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.HOSTADAPTER.V10.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, A05888EB05396C57AD90F820440B8A00, 28F2035B3E93C673F8F4BA6C54462F3DDC30E0DAA3505AB70288E95D1871841A
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\A9F87C189B4D49A492EC51C14E2CBBC3\MICROSOFT.VISUALSTUDIO.TOOLS.APPLICATIONS.HOSTADAPTER.V10.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, CDC548B2DF9397FB99385E57A0170D10, BE292AAD5B9C23AA2A615504EF264F426EF23B054C5736A62100F9C7386CF601
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\B94C77506A2E743F44B7458364E9D493\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.EXCEL.HOSTADAPTER.V10.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 2C5C47C4795A97BB389EE13252925B27, DB8A2A8F8D7A2440D5567B3CF16741CB77135E5C383A7E9DE6F5BE0998E19FD7
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\E7255B8177842063377870717B81C70B\MICROSOFT.VISUALSTUDIO.TOOLS.OFFICE.WORD.HOSTADAPTER.V10.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 42A3804F742977FFDCED62F4A014D0A1, 038F78B07090D42BF848761E1581D11D0568092E125251818161466FCD1BE487
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.VISUALSTU#\F3A325777829602987023B69E93B6BCC\MICROSOFT.VISUALSTUDIO.TOOLS.APPLICATIONS.SERVERDOCUMENT.V9.0.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 9E844F4AAD8F8979373521E3DDC7FA4C, 51BA15E3FC90A9FB99CA3B0B027E968264ED59A3C9B33A814CE3E50EDDA69A06
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.WSMAN.RUN#\BD625441895E5FA0B9638CA8CB45EF6C\MICROSOFT.WSMAN.RUNTIME.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, B594FD6ACB7E261BA7749C175DBDF5D8, AF2161E2361A47DD2D72F7A8134BDAA775E963E57A8C47A8ABC07F0A28C3DDC0
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\MICROSOFT.WSMAN.MAN#\AB57661065867378F6958DD682F63D75\MICROSOFT.WSMAN.MANAGEMENT.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 03065F9A1D20876C3FBAFA8336C5AF86, 1441485100967D98FD7151499E81CBE48930F9FD35E2BC971C755AD4E501D673
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\SYSTEM.WEB.SERVICES\DE8815212091EF82E03F6329672DAA56\SYSTEM.WEB.SERVICES.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 1CDA0C5911CC7096EA06D1DA784F78D1, BE520DCEBD07520B4B3ECD270C316A325D03E11E61FB784CA001C1620F208AF6
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\VJSHARPCODEPROVIDER\603380481241AACD3C74D07E41AD33CD\VJSHARPCODEPROVIDER.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 4B27C38117FD127535F9D59C526D748F, 2C216CF83AB36EC988F84DC101294EBE59B088DB90FEADE98EB586A979D1006F
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\VJSJBC\B2E13DF501206B8A07069104C428EE89\VJSJBC.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, EA23D367DB7A33C1C98A00C2B8ACD8F0, 90A1E0D35AA56DF4079B3CDDDBBED46654B225B3E20536FD33EA13726831B573
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\SYSTEM.WINDOWS.FORMS\9866DFD33A0B3DA982C851CE34736B25\SYSTEM.WINDOWS.FORMS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, AB201A2BE0197183D97829712564081A, 8285CD9E8ABFA7F4EDC25CD14F82630510E0501F6FE1575BD1E6F7BB3117A6A1
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\VJSWFCBROWSERSTUBLIB\FCE8AFA1F50440E362C4483CA703F816\VJSWFCBROWSERSTUBLIB.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, ED367E5D83EC5A0481804F5A87CA4ECE, 64D2D433E648C549DFD5FDBAB3DF0F65E393B12CD12F40E69C9D299607CBBE31
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\VJSVWAUX\1B9BC0F27FC694C257F86644172FF1CD\VJSVWAUX.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 722D52EB81AF0EBACC1BD8A0261AE200, F3F978CC9A3FEE789559CBFCF41A44BB5A63D9302E51D54D269A875D7B503EDA
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\VJSLIB\CEC46EB2C7B6F8D2145F31ABB9952016\VJSLIB.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 957D377FB33D89E92139210BA9EA56EF, C39B5C3B082E53A4DE0E489635191571B1710DAB8EDEE3C104833FD952D9FB33
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\VJSSUPUILIB\9763CA5051EA1E939F7D6E868D3408A6\VJSSUPUILIB.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 00338694BE382159CB0C7BAA6E0E2799, 5E0FE91FE4174D1F3EA2D70D098D716053401D1ECAACBF42A793C62C3550B903
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\VJSWFC\C252B7EF49490CE50E3AFA4689901CA4\VJSWFC.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 06372912C35866A3D63F5F1DFDEC23CD, 1B1DDA0793FBBB655F5BCE27898465521BCBDB705891AFD07021C86D50885683
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\PRESENTATIONFRAMEWO#\F83F74734044E25F694F61CFA3ECA56C\PRESENTATIONFRAMEWORK.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, BC924740F8F6778B52E7A12593EDC774, 4DF5FA8A1E730411174B04EBB51D0AEF8C77F736903E9BD98CB399F7D6DDE778
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\VJSWFCHTML\8EB71A84800DD39675EFDA89664AAD16\VJSWFCHTML.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 998198D07694EE28EC7572EDC8832CAA, 0020BA60776605268013821CEC5A727BCB18BA932BD6CCC857D678AB626956E5
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\WINDOWSBASE\93E78AFD635281788A0A9C6D74AA449B\WINDOWSBASE.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 33B91464E6AE0263544F74A23BBF0364, 90B2EABC58297CC14D8933E48F87D99380A0B13320B84B855B131BB6B73903EB
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\PRESENTATIONCORE\45A01A2E02FE1624B505EED75FE669C5\PRESENTATIONCORE.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 60124520B0E47283D4677635074B2C9B, 6C953DC349D56B905F4A623A244E145FEDC642EED059CF58E954F36604FECD2B
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\SYSTEM.CONFIGURATIO#\4136B37AF1AD439D41D5FAD657EBEE69\SYSTEM.CONFIGURATION.INSTALL.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, F1E1B04E85581485A95479A289DB1E83, D69CE1BBE983042542E9281D322981E1ADCA0E4E6A662627807A962E24071795
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\SYSTEM.DIRECTORYSER#\6C99FEE7E5598A3421D7F355F813F2C4\SYSTEM.DIRECTORYSERVICES.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, FCE018D041CC48483D3955CA497793E4, 53758B4C89A407F0D386482A7B95B5ED047CC7E8CBA14E80D0C6604B656D344C
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\SYSTEM.MANAGEMENT.A#\BBCBCDA45ECB2129E42F3BBC8409803E\SYSTEM.MANAGEMENT.AUTOMATION.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, D8111613595B7D81BA065FEA24ED0ED4, 9CD7DDBCACD40BFF2E00B4707BCE4CA70D0E6DAB7CAAA9029378CF836EA90294
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\SYSTEM.RUNTIME.REMO#\519AEC8E8B6E62CB8F8EAA5C38F71807\SYSTEM.RUNTIME.REMOTING.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, DE3FD5CC7D2969EFC1B77A5EDE07CEB4, 0E52767BF61E7817CB058E859577B6A64FF130087F2E11A33F29D732FAA50186
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\SYSTEM.SERVICEPROCE#\017F8D836C43925EB2DC4F3238F1E52E\SYSTEM.SERVICEPROCESS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 9BCD2152AB0065297E670C8E3848B293, 84BD641A7996F107AB2E65B9EAC8E3A7A5D1C2B4825445BD4C905FD52D3DA9EF
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V2.0.50727_32\SYSTEM.TRANSACTIONS\BFA0985FB4473F5D58A92B8EB9985470\SYSTEM.TRANSACTIONS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, FBF3DE6F709E32DAE3DAC1DB4FBF5C8D, FA346BA818A1BC47A94BA734BE5AE161477551C6C2EAA05AC3F2FF804E6B1CE9
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\EVENTVIEWER\E86D4535311C672C33B013AADEF7F8F1\EVENTVIEWER.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, E2435B1A58810CDFE6B473F57DF04A95, 3CA233D8CC69CE316EDDC2A99EA0A79949C6A727EC199BA8EDC4DCC6D2926D7F
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\EMBEDDEDLOCKDOWN\5380B39DEB9B701DE6294F1160E6EFF2\EMBEDDEDLOCKDOWN.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 6DF6FFFE88ECA9B5D5D12020920A5749, F4086C093543BE7051E38632F8672B3C6C187B195FD0E0ADAA06DD45FB9F0A29
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.A26C32ABB#\AF1A57A290177B74E5A239097291FDB5\MICROSOFT.APPLICATIONID.RULEWIZARD.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 379643BF86FC9B09DBFA96C1599B4683, 822DD46205E4BD4334DBF685C576D9B6A3BC771D1FB00670A266147AE6A9CF22
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.C26A36D2B#\23F1F6C1EB96C1566FD01A8610FF5494\MICROSOFT.CERTIFICATESERVICES.PKICLIENT.CMDLETS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, AEE079ACE40BC8E03A44FE8A6A9BD4A5, C4125ACD90E625C6A781FD2542D4287CC3AE57BDC2B19A39CE969E3F691EDFF7
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.D0FF51F83#\1283A55C9B1CE6403D8F6A67FF6299B2\MICROSOFT.DTC.POWERSHELL.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, AFD72AA14B229A384B4DB893DBEA5D39, 8FF8D5A0287869875D00A94E70D95C75648CF480072408BF846E1B17C2E5E75B
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.MF5AC9168#\9D75D2662564271138FC1EA1CFCACD5B\MICROSOFT.MANAGEMENT.INFRASTRUCTURE.CIMCMDLETS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, B53408CBDA02CCE195142C6376C6616D, 6699267C58998B8ED289BBC300A927DD54BFE261D25AD1E9759E2479443A46F0
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.P047767CE#\88C18269501EB9B73AEE2B6740269344\MICROSOFT.POWERSHELL.CORE.ACTIVITIES.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, A4EDD450E75B4E2EA9652132FBDA3686, 56B532D4246518B741A026A5CF023EF4847CA2CAD050502157A48BA7D1C8C31F
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.P08AC43D5#\8C9B4E5C814CEE440ED8C56A5EB99E13\MICROSOFT.POWERSHELL.UTILITY.ACTIVITIES.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 87954B076FD83BB549146F41D66D6849, 6445D6BEBC7873753F208061B6BC8924D7F071B1C4CE786684FB5BAE0AD1CFBB
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.P0E11B656#\B5F03491FC14194B09F79ED72F3EC637\MICROSOFT.POWERSHELL.GPOWERSHELL.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 0088F47A670B1B11E47493324070BD89, FD837D71C46F843420608847D2B239A2AD26F8D524314A337F86DADB3CD72D17
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.P34F388C1#\40ACAB557ACDA20F121FF7A97154A114\MICROSOFT.POWERSHELL.DIAGNOSTICS.ACTIVITIES.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 806631C31D831DB96DEC88C9BD2E98D2, F414F056A63540D820295E3B2E4A1EE8D17CE6EFDC60DAAA92CE933B39D174EE
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.P39041136#\404C38FD454F31217CB17D1D3AA9F2E2\MICROSOFT.POWERSHELL.SCHEDULEDJOB.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 5B9BFB1531B909C8292A208CAFBAF418, E56C3EE4B72904FED83E664EE95200BB531B80265A6C68E02A827BB5EEF6ACF8
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.P521220EA#\577675EBDE081B41C7D75B6A0B8A2E01\MICROSOFT.POWERSHELL.COMMANDS.UTILITY.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 967797C97A9827000986889C7EA93A99, 10F13EF939F4191AAA2295E3A46D7488CDF66899929FF091194067E895F44E24
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.P655586BB#\8ADE8FFA990E9C5524EB08B6615C14B5\MICROSOFT.POWERSHELL.ACTIVITIES.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 8316D398A4D82F5D89826CF58A2DAFF9, F248E514888C71BBB928B11AE46454C7C58375BB672C0D1AC6B5201A84E66513
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.P6F9A5E83#\2F0DDB8D567FEDDA666208172B748DB1\MICROSOFT.POWERSHELL.SECURITY.ACTIVITIES.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, A2907F5497EC797AD97C7779069E325A, E4E4029E8407024C8CAF11E6F97AF8F99A888F714B24D6C39BF2BBADB90116BE
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.P9DE5A786#\B01EF085F0EB049455E2F598F246664C\MICROSOFT.POWERSHELL.MANAGEMENT.ACTIVITIES.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 416B89E890ED0DE00270375314E4169E, 74E8543EA11038EFD12FB3A7136D0601471FA2927F2D21BB8A82B5480B4B13B5
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.PAE3498D9#\BF406D349BDDB32A5BAC43122B2C3315\MICROSOFT.POWERSHELL.COMMANDS.MANAGEMENT.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 58CFF23BF8BC5B9F4A27584AEC16E713, DDA4464CAEC399A6CF9AA6277A6C62A2CF5353DF75AA3B0E24B20A074D49D824
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.PD3EFEF62#\7446F6F5096645A3F3A4BA0EC0005C43\MICROSOFT.POWERSHELL.ISECOMMON.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, A9CEBFA73884FD2900A0B7771426B9B7, A72298A4354F5312D3F737FF0F5903F0D36939466EBAC55226398C8D385E8133
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.PEFB7A36B#\6A80B3367EBD1A78B4D75B2B982A74E5\MICROSOFT.POWERSHELL.WORKFLOW.SERVICECORE.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, B9054C84DA0F5CA397DACA830E538EDC, B96A4215E6E1A648796E9852B91F6B1D20977D2C521C9046601FFA4531917167
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.S1BC92E04#\56F2C43F67DA1094F06AC6308D0134DC\MICROSOFT.SECUREBOOT.COMMANDS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 6BCF9DD64DC264CBB3A463D4DE9D499D, 8D80035E12A650E00F1E327CE3BA55DE973F47ABA38ADCD7B60625B41025CBFE
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.S88747207#\63FFC2C12C44A8472CADE27E75A63B59\MICROSOFT.SECURITY.APPLICATIONID.POLICYMANAGEMENT.CMDLETS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 08126AF58A00FD67BA76D99D5E34D9B2, 78FB59DBE41CE784696710C41D0A712373AC62C4BC978EC31671B1A9963BAA8D
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.SA56E3556#\CA39CBB1569ABCA90680B1123FE23F9D\MICROSOFT.SECURITY.APPLICATIONID.WIZARDS.AUTOMATICRULEGENERATIONWIZARD.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 776802EF137CBE81643B96CA589C5063, 7C845A21E568D35BCA85C864AE2AA21A771659D1FA380D9979DCA2F27016D368
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.T9D753D8C#\6C099F120CD6722AEA2905B46D04C23D\MICROSOFT.TPM.COMMANDS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, FBB4F41229437F17E976D1EEA04FDD34, 2820DAF94C7D05E237C836E9B00ACBECAEB6F70A253515B97AB4A872D03C51F2
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.I7676DB1A#\F382B393BFEF963914A2C98F36A6B44F\MICROSOFT.INTERNATIONALSETTINGS.COMMANDS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 5A8EE68D969FC2672922A9E03534B47B, 251185FF669D07766758B2F5794582804A9F6036C9DEEA0B28725729D116778F
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.W0BB5DAC4#\A0389621DE2D6E21A847A24082B6434F\MICROSOFT.WINDOWS.DIAGNOSIS.COMMANDS.UPDATEDIAGROOTCAUSE.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 261D874A34C749699CE590AAAA162898, A27AF54A77EFBE8160A6F8A4F644EE1D4AE283E52EBC0868342F087765B2DB42
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.W2D29A719#\57F971E5728DCB63D4A7DE2E6BF5A5FF\MICROSOFT.WINDOWS.DSC.CORECONFPROVIDERS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, ECA56205DED79FD10DA9CD8A9D108B0F, 0E35AB2A2C6B0270F6241FFCA847930A3837068F5D70FF4A9D7030685A3E3CA5
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.W2DED559F#\7886CA097C85EFB07BC131317377FF87\MICROSOFT.WINDOWSAUTHENTICATIONPROTOCOLS.COMMANDS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, C2E5D71834AEA529661D082924D0E2F5, 1D54B820E9921A655814E2ADF8B92C8FDD876E2BCB94C9D3FEFD8FFD48EBB0B4
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.W69EF49D2#\8E7DFBF56545ABDB6C295C7BEEDEF934\MICROSOFT.WINDOWS.DIAGNOSIS.COMMANDS.GETDIAGINPUT.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 9552F750460A9E294B017850C617D29C, BB8BEBE111F2139946FCFA48197B48C73299CCBB8693D4854FD8306B34B19176
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.W708FC392#\522CB10C690BE6B54F4583FFB4CFCBA5\MICROSOFT.WINDOWS.DIAGNOSIS.COMMANDS.WRITEDIAGPROGRESS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, A825E9BB69C65789882726091630300E, A16FC9538DD3CDFA5F73E6C1A2BF452D0517C23E51E7FC3921B82C319408F21E
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.WAD78DAF4#\E698157519DCCEB2C17BE495A3C519A4\MICROSOFT.WINDOWS.DIAGNOSIS.SDHOST.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, FEAD55174F7071907C4BF27D668ABE53, A22A41BB4AEF73191876A214CD60117EB61A691F300820FC8C686A5E11AE45C0
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.WCFFEDCB4#\D5591A02AA96AC57F0F9CC27E17E098B\MICROSOFT.WINDOWSSEARCH.COMMANDS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, AF203F39D8F49D69F1EBD0A4CA5B5CEB, 554C7A598A1FA5318F7D0802107E01D2D0BB6FC219C97CD0FD0F1503D97049FF
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.WD518EE0D#\90CA2860558889F34CA5F06AFF1E9606\MICROSOFT.WINDOWS.DIAGNOSIS.COMMANDS.UPDATEDIAGREPORT.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, CF7CD9F38BAB437605FC4999470EC8D5, FBB6ABE1BB735CBEFC62C6E35F14DE19EB16FE7C0B44135D06FC74E2FDA67AB4
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.WE0722664#\8E65B4FFA53463C5D56A04DC7F5EF7A0\MICROSOFT.WSMAN.MANAGEMENT.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, A9F298867E373C8829E08583D2896104, 61176915ACB855485CE60CEA5B32C383EE2CBE33E3CE54E760C4354F360A3BAF
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MICROSOFT.WE9F24001#\BA4BA97094EB4816C5954C96B104669D\MICROSOFT.WSMAN.MANAGEMENT.ACTIVITIES.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 2B49F29F43A751F5030350A7E27ABDDD, 8FD40DAC2539DAD0B9B2D0D9EFB97454EB3453CFC2BC4E780F3A97EB0FDFD3ED
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\MIGUICONTROLS\AB8B4E71AD5449AA696BDD01DA072FCA\MIGUICONTROLS.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 412BDD3061B4B5EC7A6B4832839DC2E5, 293A0EB38C13CC5F43F31B92A80DEAFE7DD1871153F3FB5251D4E308099161B9
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\SRPUXSNAPIN\9AB551190E3E56EB47ABBC4BE6048BAB\SRPUXSNAPIN.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 6DF1E429EBAEF639C28F41964AF9FC53, 51A7E857B765E65CE785A3A6AF8A244366CE351A901129881BFEBBE77A576DCE
Malware.Heuristic.1003, E:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\TASKSCHEDULER\C0E4DB09A0FBE3DD63DA3E75A3DBA940\TASKSCHEDULER.NI.DLL, En cuarentena, 1000001, 0, 1.0.50031, 0000000000000000000003EB, dds, 01605672, 8B2565C42FA6DAD033D474FCD45E02A5, 25E678FE8E870F451DBFD3E82E7C71A0A25A331D59C748F0A6E21C3F724477DA

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Tenias infecciones en las unidades F: y E:. Reconoces si alguna esta asociada a una unidad extraíble como un pendrive?

Como va el equipo hasta ahora? Notas alguna mejoria? el cartel aun te aparece?

Saludos

Si las tenia pero creo que estas no hacian ningun daño o por lo menos no el que tengo ahora mismo. No, las unidades son particiones del HDD que tengo.

Mejoria solo en fluidez, pero el cartel molesto sigue apareciendo

Por el contrario esas infecciones si afectan a todo el sistema.

Vamos a seguir buscando

Realiza los pasos que te pongo a continuación, sin cambiar el orden y síguelos al pie de la letra:

Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, USB, etc).

1) Descarga Eset Online Scaner Manual de Uso y realizas un análisis del PC, lee detalladamente las instrucciones y realizas un Análisis Personalizado tal y como se indica en su manual. Me traes su reporte.

2) Realizas un análisis con **Dr Web CureIt **siguiendo las instrucciones de su manual perfectamente explicadas. Eso sí, descarga Dr web Cure It de: https://www.infospyware.com/Software/click.php?id=41

Nota: Presta atencion una ves que eset termina su analisis para poder generar bien el reporte, si por alguna razon se te pasa puedes subir una captura de pantalla con los archivos que puso en cuarentena.

Pegas los reportes de Eset Online Scaner y Dr Web CureIt y comentas como va el PC.

Salu2.

Muchas gracias por tu ayuda Daniel, enserio agradezco bastante que puedas guiarme en todo el proceso.

Mira ejecute el primer programa y duro bastante el analisis y este es el informe.

22/01/2022 7:33:07 a. m.
Archivos explorados: 1127258
Archivos detectados: 26
Archivos desinfectados: 26
Tiempo total de exploración 04:35:37
Estado de la exploración: Finalizado
C:\Users\SANTI\Downloads\Hades-CODEX\Hades.Update.v1.37828-CODEX\codex-hades.update.v1.37828.r06	una variante de Win32/HackTool.Crack.ES aplicación potencialmente no segura	eliminado

C:\Users\SANTI\Downloads\Hades-CODEX\sc12879-HDSUpd137828.rar	una variante de Win32/HackTool.Crack.ES aplicación potencialmente no segura	eliminado

C:\Users\SANTI\Downloads\sc12879-HDSUpd137828.rar	una variante de Win32/HackTool.Crack.ES aplicación potencialmente no segura	eliminado

E:\DESKTOP-H90MM26\Backup Set 2022-01-19 040946\Backup Files 2022-01-19 040946\Backup files 14.zip	una variante de Win32/uTorrent.E aplicación potencialmente no deseada	contenía archivos infectados

E:\Users\Kevin\Desktop\kevin cel\camera s8\a1001027801.apk	una variante de Android/Hiddad.AGZ troyano	desinfectado por eliminación

E:\Users\Kevin\Desktop\kevin cel\camera s8\a1001027804.apk	una variante de Android/Hiddad.AGZ troyano	desinfectado por eliminación

E:\Users\Kevin\Desktop\kevin cel\camera s8\Sin confirmar 332037.crdownload	una variante de Android/Hiddad.AGZ troyano	desinfectado por eliminación

E:\Users\Kevin\Downloads\MEmu Download\31149492-1.apk	una variante de Android/AdDisplay.Ewind.AN aplicación potencialmente no deseada	desinfectado por eliminación

E:\Users\Kevin\Downloads\MEmu Download\31149492-2.apk	una variante de Android/AdDisplay.Ewind.AN aplicación potencialmente no deseada	desinfectado por eliminación

E:\Users\Kevin\Downloads\MEmu Download\31149492-3.apk	una variante de Android/AdDisplay.Ewind.AN aplicación potencialmente no deseada	desinfectado por eliminación

E:\Users\Kevin\Downloads\MEmu Download\31149492-4.apk	una variante de Android/AdDisplay.Ewind.AN aplicación potencialmente no deseada	desinfectado por eliminación

E:\Users\Kevin\Downloads\MEmu Download\31149492-5.apk	una variante de Android/AdDisplay.Ewind.AN aplicación potencialmente no deseada	desinfectado por eliminación

E:\Users\Kevin\Downloads\MEmu Download\31149492-6.apk	una variante de Android/AdDisplay.Ewind.AN aplicación potencialmente no deseada	desinfectado por eliminación

E:\Users\Kevin\Downloads\MEmu Download\31149492.apk	una variante de Android/AdDisplay.Ewind.AN aplicación potencialmente no deseada	desinfectado por eliminación

E:\Users\Kevin\Downloads\SdMsCvlitnVIPrpr-RLD\Sid.Meiers.Civilization.VI.Proper-RELOADED\rld-civ6-compucalitv.iso	una variante de Win64/HackTool.Crack.H aplicación potencialmente no segura	eliminado

E:\Users\Kevin\Downloads\Checker y Generador de Proxys Version Final 2018 (1).rar	una variante de MSIL/Kryptik.YIC troyano	eliminado

E:\Users\Kevin\Downloads\Checker y Generador de Proxys Version Final 2018 (2).rar	una variante de MSIL/Kryptik.YIC troyano	eliminado

E:\Users\Kevin\Downloads\Checker y Generador de Proxys Version Final 2018.rar	una variante de MSIL/Kryptik.YIC troyano	eliminado

E:\Users\Kevin\Downloads\Install JDownloader.rar	una variante de Win32/Appwork.A aplicación potencialmente no deseada	eliminado

E:\Users\Kevin\Downloads\microeconomia-intermedia-y-sus-aplicaciones-walter-nicholson-pdf.iso	una variante de Win32/ExpressDownloader.K aplicación potencialmente no deseada	eliminado

E:\Users\Kevin\Downloads\New Multichecker x109 Websites SNIPR V2.4.8.9 Nueva version.rar	una variante de MSIL/HackTool.SNIPR.A aplicación potencialmente no segura	eliminado

E:\Users\Kevin\Downloads\ROC+TFT. DTG.rar	una variante de Win32/Keygen.CU aplicación potencialmente no segura	eliminado

E:\Users\Kevin\Downloads\[phanmemtop.net]_EViews 10 Enterprise Edition.rar	una variante de Win32/HackTool.Patcher.AD aplicación potencialmente no segura	eliminado

F:\Omar\Celular Mathieu\.estrongs\recycle\1480534220696\storage\emulated\0\Download\es_recycle_content\.com.google.Chrome.40YPXt	una variante de Android/Hiddad.E troyano	desinfectado por eliminación

F:\Omar\Celular Mathieu\.estrongs\recycle\1480534220696\storage\emulated\0\Download\es_recycle_content\XTubePlayer.apk	una variante de Android/Hiddad.E troyano	desinfectado por eliminación

F:\Omar\Celular Mathieu\Download\Sin confirmar 64392.crdownload	Android/Hiddad.DR troyano	desinfectado por eliminación

Y el de DR WEB:

Total 1552844181652 bytes in 1087228 files scanned (2082383 objects)
Total 1083729 files (2078678 objects) are clean
Total 12 files are infected
Total 3671 files (3689 objects) are raised error condition
Scan time is 02:44:28.441

-----------------------------------------------------------------------------
Start curing
-----------------------------------------------------------------------------

C:\Program Files (x86)\Magick Checker\Magick Launcher.exe - quarantined
C:\Users\SANTI\Downloads\PRT.exe - quarantined
E:\$Recycle.Bin\S-1-5-21-3632613967-273524341-1505577580-1001\$R6O82AJ\vip72socks.exe - quarantined
E:\$Recycle.Bin\S-1-5-21-3632613967-273524341-1505577580-1001\$R6O82AJ\vip72socksCN.exe - quarantined
E:\$Recycle.Bin\S-1-5-21-3632613967-273524341-1505577580-1001\$R6O82AJ\vip72socksRUS.exe - quarantined
E:\Program Files (x86)\Microsoft Games\Age of Mythology\msxmlspa.exe - quarantined
E:\Program Files\Common Files\Logitech\G430Install\uninstall.exe - quarantined
E:\Users\Kevin\AppData\Local\Temp\is-9GQQE.tmp\RdZone.dll - quarantined
E:\Users\Kevin\Downloads\DriverEasy_Setup (1).exe - quarantined
E:\Users\Kevin\Downloads\DriverEasy_Setup.exe - quarantined
E:\Users\Kevin\Downloads\vip72socks-installer (1).exe - quarantined
E:\Users\Kevin\Downloads\vip72socks-installer.exe - quarantined

Total 1552844181652 bytes in 1087228 files scanned (2082383 objects)
Total 1083729 files (2078678 objects) are clean
Total 12 files are infected
Total 12 files are neutralized
Total 3671 files (3689 objects) are raised error condition
Scan time is 02:44:28.441

Perdona la demora hasta hace hoy retome actividades en el pc.

Hola que tal

Aun te aparece el cartel? Como funciona la pc?

Saludos

Hola @DanielG Aun me aparece, es muy molesto, incluso haciendo todo esto que me indicaste.

La PC extremadamente fluida eso si, muchas gracias!!

Hola nuevamente

Vamos a mirar un poco mas a detalle.

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Farbar Recovery Scan Tool

1. Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).
2. Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.
3. En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.
4. Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.

PRÓXIMA RESPUESTA

Pegas los reportes de FRST y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 22-01-2022
Ejecutado por SANTI (administrador) sobre DESKTOP-H90MM26 (Gigabyte Technology Co., Ltd. Z490 AORUS ELITE AC) (24-01-2022 16:25:06)
Ejecutado desde C:\Users\SANTI\Desktop
Perfiles cargados: SANTI
Plataforma: Microsoft Windows 10 Pro Versión 20H2 19042.1466 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(1ncrivel Sistemas LTDA -> ) C:\Windows\System32\service.notification.center.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler64.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\SANTI\AppData\Roaming\Telegram Desktop\Telegram.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-11-04] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [NoPing] => C:\Program Files\NoPing\NoPing.exe [2710304 2021-07-09] (1ncrivel Sistemas LTDA -> )
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7b66b6662cf6d72b\RtkAudUService64.exe [1220312 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Emsisoft Anti-Malware] => C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [9411144 2022-01-18] (Emsisoft Ltd -> Emsisoft Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [409760 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Run: [Discord] => C:\Users\SANTI\AppData\Local\Discord\Update.exe [1512760 2020-12-04] (Discord Inc. -> GitHub)
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Run: [com.blitz.app] => C:\Users\SANTI\AppData\Local\Programs\Blitz\Blitz.exe [121828104 2022-01-20] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33336800 2021-09-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4109032 2021-06-09] (Valve -> Valve Corporation)
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Run: [Nox_1] => C:\Nox\bin\Nox.exe [10403912 2021-09-02] (Nox Limited -> Duodian Technology Co. Ltd.)
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443968 2022-01-13] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Run: [Opera Browser Assistant] => C:\Users\SANTI\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\MountPoints2: {fd9cde30-028e-11ec-a1da-f44d30f94a25} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-20] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\97.1.34.81\Installer\chrmstp.exe [2022-01-22] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-07-01]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {08A882E6-9C59-4C92-BAC7-92FE084211B9} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [66480 2022-01-09] (Microsoft Corporation -> Microsoft)
Task: {24C91A60-F9F1-4318-9C50-70121AE6E5F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2599595D-5951-4E98-AF74-0895ED2FCB9D} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2178936 2021-08-20] (ASUSTeK Computer Inc. -> ASUS)
Task: {2AEB67D0-EF88-4A06-AB26-C92C68597F41} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d7a451b7f8639c => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {322F2473-B0E7-408C-8A1D-BB3DC07A9D6C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111024 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3357F3D7-B89F-4ED5-B4B2-B14FF7EDDA55} - System32\Tasks\Microsoft\Assemblies\Manager => C:\Users\SANTI\AppData\Local\Temp\system\systeam.exe (Ningún archivo) <==== ATENCIÓN
Task: {3C6A6FFA-BB75-4A5F-A16D-0650DE15A66E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-14] (Piriform Software Ltd -> Piriform)
Task: {47AB8B2C-D441-46C3-B2F5-CD29BBFF0F46} - System32\Tasks\Notification Center => C:\ProgramData\Notification Center\service.notification.updater.exe [489992 2020-04-28] (1ncrivel Sistemas LTDA -> )
Task: {484DAF89-1FBF-4F69-8CFB-D8FC5589A613} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Ningún archivo)
Task: {4AC5EBC5-F4D4-47F9-BE77-65703EDFE164} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-02] (Google LLC -> Google LLC)
Task: {4CD11CC2-BB27-4D70-919E-C0B89A30A015} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4DE7D91B-5955-48CB-83F9-58D234FC462F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {53384412-3F08-405D-95C9-05203C1F79B8} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3774160 2021-01-21] (Corel Corporation -> Corel Corporation)
Task: {5F1449E2-4494-4B0E-9E39-B01AE8FF29DE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E0B3636-AFB2-4BF7-B3EA-407CDE50AFDE} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe [764152 2021-06-10] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {6F2A5315-646D-4866-A9DC-B24037EB00CE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7348C335-FCD1-477D-A6C9-3E7A44F54ADF} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [104600 2021-08-20] (ASUSTeK Computer Inc. -> ASUS)
Task: {73623D5F-29D3-4277-A3FD-FC6EDFB46E6D} - System32\Tasks\Opera scheduled Autoupdate 1616013710 => C:\Users\SANTI\AppData\Local\Programs\Opera\launcher.exe [2256592 2022-01-12] (Opera Software AS -> Opera Software)
Task: {73D78E72-1E4B-4D1E-A15A-8AC6359FC95B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {752B87F2-0B74-415E-9FDE-F18F50B1A87E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {75B1ED5E-ACCA-4DF2-8835-BDC5FD7B16B1} - System32\Tasks\CCleanerSkipUAC - SANTI => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {791E36E3-B3B9-4B82-90B1-6B47D4A89B5D} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe /ua /installsource scheduler (Ningún archivo)
Task: {7B9EE172-E398-40B5-9EF7-5259CE269A23} - System32\Tasks\Mozilla\Firefox Background Update 9DED23DF4360B491 => C:\program files\mozilla firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\9DED23DF4360B491\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {7BA5ED14-7189-4E39-B05D-074075F5873C} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {81B0A574-E8BF-4590-982E-F53E7D180A99} - System32\Tasks\Mozilla\Firefox Default Browser Agent 9DED23DF4360B491 => C:\Program Files\mozilla firefox\default-browser-agent.exe do-task "9DED23DF4360B491"
Task: {821EBCCF-F2EA-4D70-A059-F6D696B662DA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\SANTI\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2022-01-22] (ESET, spol. s r.o. -> ESET)
Task: {87AF614C-6A7B-42EC-ADC4-367FF2EEDF77} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8A5E4BAC-6B63-4D5E-96E2-2553141DCB2F} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {8A5F31C0-ED2B-4593-9B13-8389BF98A246} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C8B9431-BE2A-4E49-945D-E0948ABF71E7} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {9056E541-FEE5-496B-A875-BFE33440475F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111024 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {960D34B2-D389-4137-9D13-03044C4A1B21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9913EEBA-7DA6-47B5-B5BD-73D74B188EE7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B85B678-80EA-4752-8684-F51D8F2D9401} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAC0CFCA-3297-4406-B2CE-AC2AB6DE53CA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {AE426EB7-F8DB-4A23-8165-63E8B413FD68} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BDB888B7-BE16-4D1F-9308-C8AD2A70F8E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-02] (Google LLC -> Google LLC)
Task: {C219FE0A-3BE0-40AD-A176-F9A7F50FD67D} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe /c (Ningún archivo)
Task: {C4C1DB45-C7C0-4976-80D7-E1F869A7BCFF} - System32\Tasks\CorelUpdateHelperTask-B5DF09466A25FBC29FCB2703709A3585 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3774160 2021-01-21] (Corel Corporation -> Corel Corporation)
Task: {C7DEB834-8DDB-4E46-9117-07FB99426876} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {CA62D2FE-FF14-4839-BC12-92C2834650EC} - System32\Tasks\Opera GX scheduled Autoupdate 1642464392 => C:\Users\SANTI\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software)
Task: {CA88DD3C-A1C0-4025-8E00-A8FE079515BC} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3059280 2021-03-06] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {CB36BE9C-5EEE-42FF-BACB-BD5396F2EFD0} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {CD3C0C05-FE78-43B7-8314-1BE947C6078F} - System32\Tasks\Opera scheduled assistant Autoupdate 1616013718 => C:\Users\SANTI\AppData\Local\Programs\Opera\launcher.exe [2256592 2022-01-12] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\SANTI\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D386EE82-FF76-406A-90D0-D756F223A58D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E2D2CD54-B8A5-4966-99E9-2AF5C2C68EAF} - System32\Tasks\Microsoft\Assemblies\UpdatesManager => C:\Users\SANTI\AppData\Local\Temp\sys32\Sys32.exe (Ningún archivo) <==== ATENCIÓN
Task: {E82BEA8D-2CCC-4E01-A554-6240ECE7B783} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [44588888 2021-08-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {F5BFAD5F-8FBA-45E2-A8A1-1A4DB7FEC171} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\SANTI\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2022-01-22] (ESET, spol. s r.o. -> ESET)
Task: {F6D709FE-D033-452F-B008-4EDAE7EC2F22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 190.157.8.101 190.157.8.109
Tcpip\..\Interfaces\{29e9b0e5-bfb9-4f7b-9a54-5c20c40bd97a}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{52bb9f05-1562-4fe4-a5ef-51703b22d678}: [DhcpNameServer] 190.157.8.101 190.157.8.109
Tcpip\..\Interfaces\{58c43ef4-6e36-4a25-bc34-53b7da8a5ebf}: [DhcpNameServer] 190.157.8.101 190.157.8.109

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\SANTI\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-25]
Edge Extension: (User Agents for Microsoft Edge) - C:\Users\SANTI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ccifflialaiccfkjfecfbnpfmbiglpko [2021-11-11]
Edge Extension: (EditThisCookie) - C:\Users\SANTI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2022-01-19]
Edge Extension: (iFrame Allow) - C:\Users\SANTI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gifgpciglhhpmeefjdmlpboipkibhbjg [2022-01-19]
Edge Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\SANTI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-19]
Edge Profile: C:\Users\SANTI\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2021-10-18]
Edge Profile: C:\Users\SANTI\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-12-30]

FireFox:
========
FF DefaultProfile: zqru5x3q.default
FF ProfilePath: C:\Users\SANTI\AppData\Roaming\Mozilla\Firefox\Profiles\pqhlneji.default-release-1 [2022-01-25]
FF Extension: (User-Agent Switcher) - C:\Users\SANTI\AppData\Roaming\Mozilla\Firefox\Profiles\pqhlneji.default-release-1\Extensions\[email protected] [2021-11-11]
FF Extension: (Cookie Quick Manager) - C:\Users\SANTI\AppData\Roaming\Mozilla\Firefox\Profiles\pqhlneji.default-release-1\Extensions\{60f82f00-9ad5-4de5-b31c-b16a47c51558}.xpi [2021-08-27]
FF ProfilePath: C:\Users\SANTI\AppData\Roaming\Mozilla\Firefox\Profiles\zqru5x3q.default [2022-01-19]
FF ProfilePath: C:\Users\SANTI\AppData\Roaming\Mozilla\Firefox\Profiles\gyh59em6.default-release [2022-01-25]
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2021-06-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2021-06-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [Ningún archivo]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default [2022-01-25]
CHR Notifications: Default -> hxxps://aternos.org; hxxps://www.wish.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Presentaciones) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-08]
CHR Extension: (Safe Torrent Scanner) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-01-05]
CHR Extension: (Documentos) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-08]
CHR Extension: (Google Drive) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-08]
CHR Extension: (YouTube) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-08]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-12]
CHR Extension: (Hojas de cálculo) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-08]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-01-25]
CHR Extension: (Ronin Wallet) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjhmkhhmkbjkkabndcnnogagogbneec [2022-01-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-19]
CHR Extension: (Cookie-Editor) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlkenndednhfkekhgcdicdfddnkalmdm [2021-04-06]
CHR Extension: (MetaMask) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-12-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-08]
CHR Extension: (Gmail) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-08]
CHR Profile: C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-01-25]
CHR Profile: C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-01-20]
CHR Extension: (Presentaciones) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-20]
CHR Extension: (Safe Torrent Scanner) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-01-20]
CHR Extension: (Documentos) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-20]
CHR Extension: (Google Drive) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-20]
CHR Extension: (YouTube) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-20]
CHR Extension: (Hojas de cálculo) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-20]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-01-20]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-20]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-20]
CHR Extension: (Gmail) - C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-20]
CHR Profile: C:\Users\SANTI\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-25]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera: 
=======
OPR Profile: C:\Users\SANTI\AppData\Roaming\Opera Software\Opera Stable [2022-01-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\SANTI\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-09-23]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\SANTI\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-21]
StartMenuInternet: (HKU\S-1-5-21-695568149-3922645088-835819184-1001) Opera GXStable - "C:\Users\SANTI\AppData\Local\Programs\Opera GX\Launcher.exe"

Brave: 
=======
BRA Profile: C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-01-25]
BRA Extension: (Safe Torrent Scanner) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-01-05]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-01-25]
BRA Extension: (Brave NTP background images) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2021-12-15]
BRA Extension: (Wallet Data Files Updater) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2021-12-01]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-01-25]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2021-12-07]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2021-03-18]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-09-15]
BRA Extension: (Crypto Wallets) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2021-10-20]
BRA Extension: (Brave NTP sponsored images) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\ogdjnhmejccgjdnclbeghpffmecndeai [2022-01-25]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-01-20]
BRA Extension: (Brave Ad Block Updater (EasyList Spanish)) - C:\Users\SANTI\AppData\Local\BraveSoftware\Brave-Browser\User Data\pdecoifadfkklajdlmndjpkhabpklldh [2022-01-25]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10774192 2022-01-18] (Emsisoft Ltd -> Emsisoft Ltd)
S4 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743984 2021-10-06] (philandro Software GmbH -> philandro Software GmbH)
S4 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [349928 2021-09-15] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.)
S4 ArmouryLiveUpdate; C:\Windows\System32\DriverStore\FileRepository\rogms.inf_amd64_94d9766656ff6011\ArmouryLiveUpdate.exe [576216 2021-08-30] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2021-09-15] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S4 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S4 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-08-21] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S4 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-05-28] (BattlEye Innovations e.K. -> )
S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe [72536 2021-11-05] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
S4 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
S4 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421536 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S4 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [80544 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S4 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Backup\ElevationService.exe [913408 2021-01-20] () [Archivo no firmado]
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-17] (Epic Games Inc. -> Epic Games, Inc.)
R2 EppWsc; C:\Program Files\Emsisoft Anti-Malware\EppWsc.exe [1545368 2022-01-18] (Emsisoft Ltd -> Emsisoft Ltd)
S4 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11174464 2022-01-13] (Logitech Inc -> Logitech, Inc.)
S4 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3565600 2021-08-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2022-01-19] (Malwarebytes Inc -> Malwarebytes)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2022-01-14] (McAfee, LLC -> McAfee, LLC)
S4 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S4 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [144632 2021-12-03] (Oculus VR, LLC -> Facebook Technologies, LLC)
S4 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [511736 2021-12-03] (Oculus VR, LLC -> Facebook Technologies, LLC)
S4 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [102648 2021-01-30] (Proton Technologies AG -> )
S4 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [62712 2021-01-30] (Proton Technologies AG -> )
S4 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-05-01] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-05-01] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [5941936 2021-10-21] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S4 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [337112 2021-12-19] (Twitch Interactive, Inc. -> )
S4 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746736 2022-01-17] (Oracle Corporation -> Oracle Corporation)
S4 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10157608 2021-11-04] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [0 2022-01-19] () <==== ATENCIÓN [cero bytes Archivo/Carpeta]
S4 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-10] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-10] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43160 2021-08-21] (ASUSTeK Computer Inc. -> )
S3 CorsairGamingAudioService; C:\Windows\system32\DRIVERS\CorsairGamingAudio64.sys [60312 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45984 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21920 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2022-01-22] (CPUID S.A.R.L.U. -> CPUID)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 epp; C:\Program Files\Emsisoft Anti-Malware\epp.sys [155112 2022-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R0 eppdisk; C:\Windows\System32\drivers\eppdisk.sys [37776 2022-01-18] (Emsisoft Ltd -> Emsisoft Ltd)
S0 EppElam; C:\Windows\System32\drivers\EppElam.sys [16808 2022-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Emsisoft Ltd)
R1 eppwfp; C:\Program Files\Emsisoft Anti-Malware\eppwfp.sys [126968 2022-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
S3 evserial9; C:\Windows\System32\drivers\evserial9.sys [40448 2019-06-11] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 FlashUSB; C:\Windows\System32\drivers\FlashUSB.sys [19968 2019-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Mobile Communications)
R3 logi_audio_surround; C:\Windows\system32\drivers\logi_audio_surround.sys [44488 2022-01-13] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [37200 2021-08-05] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [25928 2021-08-05] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66896 2021-08-05] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [210352 2022-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2022-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-01-19] (Malwarebytes Inc -> Malwarebytes)
R1 MEmuDrv; C:\Windows\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R1 MEmuNetLwf; C:\Windows\system32\DRIVERS\MEmuNetLwf.sys [220560 2020-09-29] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R3 MpKsl01c55f86; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DD9C11A7-0937-4FBB-BAD7-09CF1C36F7AF}\MpKslDrv.sys [134376 2022-01-25] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-20] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R1 ndextlag; C:\Windows\system32\DRIVERS\ndextlag.sys [48640 2018-04-12] (Mainline Net Holdings Limited -> SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA - ME)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrd.sys [50728 2019-07-04] (Whimsters Limited -> NT Kernel Resources)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 OCULUSUDSVR; C:\Windows\System32\drivers\OCULUSUD.sys [3867552 2021-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Oculus VR, LLC.)
R3 oculusvad_oculusvad; C:\Windows\System32\drivers\oculusvad.sys [75280 2021-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\Windows\System32\drivers\Oculus_ViGEmBus.sys [32856 2021-08-19] (Oculus VR, LLC -> Facebook Inc.)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 ROGKB; C:\Windows\System32\DriverStore\FileRepository\rogkb.inf_amd64_9c19fffb5d62d536\ROGKB.sys [33680 2021-08-30] (ASUSTeK Computer Inc. -> )
R3 ROGMS; C:\Windows\System32\DriverStore\FileRepository\rogms.inf_amd64_94d9766656ff6011\ROGMS.sys [33184 2021-08-30] (ASUSTeK Computer Inc. -> )
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0203; C:\Windows\System32\drivers\RzDev_0203.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 secubus; C:\Windows\System32\drivers\secubus.sys [118784 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 shspusb; C:\Windows\System32\drivers\HSPUSB.sys [24064 2019-12-17] (Microsoft Windows Hardware Compatibility Publisher -> MobileTop)
S3 ssaebus; C:\Windows\System32\drivers\ssaebus.sys [136264 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 ssaeunic; C:\Windows\System32\drivers\ssaeunic.sys [178760 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 ssbcbus; C:\Windows\System32\drivers\ssbcbus.sys [108032 2019-12-17] (MCCI Corporation -> MCCI)
S3 sscdserd; C:\Windows\System32\drivers\sscdserd.sys [158024 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 ssceserd; C:\Windows\System32\drivers\ssceserd.sys [158024 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 ssdudfu; C:\Windows\System32\drivers\ssdudfu.sys [101960 2019-12-17] (MCCI Corporation -> MCCI)
S3 ssecbus; C:\Windows\System32\drivers\ssecbus.sys [113664 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 ssecmgmt; C:\Windows\System32\drivers\ssecmgmt.sys [132096 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 ssecobex; C:\Windows\System32\drivers\ssecobex.sys [127488 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 ssecunic; C:\Windows\System32\drivers\ssecunic.sys [145408 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 ssm_bus; C:\Windows\System32\drivers\ssm_bus.sys [136192 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 ssm_mdm; C:\Windows\System32\drivers\ssm_mdm.sys [172032 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 sssdbus; C:\Windows\System32\drivers\sssdbus.sys [129352 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 sssdmgmt; C:\Windows\System32\drivers\sssdmgmt.sys [142664 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 sssdobex; C:\Windows\System32\drivers\sssdobex.sys [138056 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudncm; C:\Windows\System32\drivers\ssudncm.sys [113000 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [92520 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SSUSBDownload; C:\Windows\System32\drivers\SSUSBDownload.sys [23040 2019-12-17] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG Electronics Co.,Ltd.)
S3 ss_bserd; C:\Windows\System32\drivers\ss_bserd.sys [128000 2019-12-17] (MCCI Corporation -> MCCI Corporation)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [43368 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 UsbserFilt; C:\Windows\System32\drivers\usbser_lowerfltsax64j.sys [9216 2019-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239648 2022-01-17] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249560 2022-01-17] (Oracle Corporation -> Oracle Corporation)
R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1046416 2022-01-17] (Oracle Corporation -> Oracle Corporation)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8227000 2021-11-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VIA_USB_ETS; C:\Windows\System32\drivers\VIA_USB_ETS.sys [21760 2019-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Via Telecom, Inc.)
S3 VSBC9; C:\Windows\System32\drivers\evsbc9.sys [127488 2019-06-11] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 vuhub; C:\Windows\System32\drivers\vuhub.sys [162984 2019-06-25] (Electronic Team, Inc. -> Electronic Team, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2021-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)
S1 dhdkucfa; \??\C:\WINDOWS\system32\drivers\dhdkucfa.sys [X]
S1 ealuovtu; \??\C:\WINDOWS\system32\drivers\ealuovtu.sys [X]
S1 ebjqlmbd; \??\C:\WINDOWS\system32\drivers\ebjqlmbd.sys [X]
S1 eymtdvyh; \??\C:\WINDOWS\system32\drivers\eymtdvyh.sys [X]
S1 gikgcyhv; \??\C:\WINDOWS\system32\drivers\gikgcyhv.sys [X]
S1 gsotfxch; \??\C:\WINDOWS\system32\drivers\gsotfxch.sys [X]
S1 jfsxhxbp; \??\C:\WINDOWS\system32\drivers\jfsxhxbp.sys [X]
S1 jpgzsptf; \??\C:\WINDOWS\system32\drivers\jpgzsptf.sys [X]
S1 ldsbjtvm; \??\C:\WINDOWS\system32\drivers\ldsbjtvm.sys [X]
S1 lltukfca; \??\C:\WINDOWS\system32\drivers\lltukfca.sys [X]
S1 mljlgkid; \??\C:\WINDOWS\system32\drivers\mljlgkid.sys [X]
S1 pgiyopkp; \??\C:\WINDOWS\system32\drivers\pgiyopkp.sys [X]
S1 qseyqtne; \??\C:\WINDOWS\system32\drivers\qseyqtne.sys [X]
S1 qtoqjmxz; \??\C:\WINDOWS\system32\drivers\qtoqjmxz.sys [X]
S1 rmhotocj; \??\C:\WINDOWS\system32\drivers\rmhotocj.sys [X]
S1 rnzkmckc; \??\C:\WINDOWS\system32\drivers\rnzkmckc.sys [X]
S1 skonmrvq; \??\C:\WINDOWS\system32\drivers\skonmrvq.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S1 vtpniryb; \??\C:\WINDOWS\system32\drivers\vtpniryb.sys [X]
S1 xsdwpmnp; \??\C:\WINDOWS\system32\drivers\xsdwpmnp.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-01-25 06:24 - 2022-01-25 06:24 - 000000131 _____ C:\Users\SANTI\Documents\cuentas aja.txt
2022-01-25 06:20 - 2022-01-25 06:21 - 000087614 _____ C:\Users\SANTI\Desktop\Addition.txt
2022-01-25 06:19 - 2022-01-25 06:25 - 000049668 _____ C:\Users\SANTI\Desktop\FRST.txt
2022-01-25 06:19 - 2022-01-25 06:19 - 002311680 _____ (Farbar) C:\Users\SANTI\Downloads\FRST64.exe
2022-01-25 01:50 - 2022-01-25 01:50 - 000048750 _____ C:\Users\SANTI\Documents\emails santis.txt
2022-01-25 01:49 - 2022-01-25 01:49 - 000190840 _____ C:\Users\SANTI\Documents\validsss.txt
2022-01-24 22:02 - 2022-01-24 22:02 - 264909256 _____ C:\Users\SANTI\Downloads\9umb0n0i.exe
2022-01-22 07:37 - 2022-01-25 01:38 - 000000000 ____D C:\Users\SANTI\Doctor Web
2022-01-22 07:37 - 2022-01-22 07:37 - 264873416 _____ C:\Users\SANTI\Downloads\rivg9g5s.exe
2022-01-22 07:33 - 2022-01-22 07:33 - 000008690 _____ C:\Users\SANTI\Documents\yep.txt
2022-01-22 07:33 - 2022-01-22 07:33 - 000003858 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2022-01-22 07:33 - 2022-01-22 07:33 - 000003416 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2022-01-22 07:32 - 2022-01-22 07:32 - 006844183 _____ C:\Users\SANTI\Downloads\Legendary HQ COMBO LIST 43.txt
2022-01-22 07:30 - 2022-01-22 07:31 - 006692395 _____ C:\Users\SANTI\Downloads\191K EmailPass Mix By Deluxx.txt
2022-01-22 02:39 - 2022-01-22 02:41 - 013311448 _____ (ESET) C:\Users\SANTI\Downloads\esetonlinescanner (1).exe
2022-01-22 01:29 - 2022-01-22 01:29 - 000348731 _____ C:\Users\SANTI\Documents\10k.txt
2022-01-22 01:11 - 2022-01-22 01:11 - 003141803 _____ C:\Users\SANTI\Downloads\90k YAHOO private.txt
2022-01-21 01:31 - 2022-01-21 01:31 - 000340089 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-20 at 12.31.11 PM.jpeg
2022-01-20 23:31 - 2022-01-20 23:31 - 000002258 _____ C:\Users\SANTI\Documents\windows.rdp
2022-01-20 22:44 - 2022-01-20 22:44 - 000000481 _____ C:\Users\SANTI\Downloads\publickey
2022-01-20 22:43 - 2022-01-20 22:43 - 000001462 _____ C:\Users\SANTI\Downloads\keypapa.ppk
2022-01-20 22:24 - 2022-01-20 22:24 - 000802008 _____ (Simon Tatham) C:\Users\SANTI\Downloads\puttygen.exe
2022-01-20 22:18 - 2022-01-25 05:05 - 000002258 ____H C:\Users\SANTI\Documents\Default.rdp
2022-01-20 22:05 - 2022-01-20 22:05 - 000021600 _____ C:\Users\SANTI\Documents\cc_20220120_090532.reg
2022-01-20 15:06 - 2022-01-22 02:41 - 000000128 _____ C:\Users\SANTI\AppData\Local\PUTTY.RND
2022-01-20 15:02 - 2022-01-20 15:02 - 000001675 _____ C:\Users\SANTI\Downloads\ssh-key-2022-01-20 (2).key
2022-01-20 15:02 - 2022-01-20 15:02 - 000000399 _____ C:\Users\SANTI\Downloads\ssh-key-2022-01-20.key.pub
2022-01-20 15:00 - 2022-01-20 15:00 - 001273576 _____ (Simon Tatham) C:\Users\SANTI\Downloads\putty.exe
2022-01-20 14:53 - 2022-01-20 14:53 - 000001679 _____ C:\Users\SANTI\Downloads\ssh-key-2022-01-20 (1).key
2022-01-20 14:48 - 2022-01-20 14:48 - 000001675 _____ C:\Users\SANTI\Downloads\ssh-key-2022-01-20.key
2022-01-20 14:12 - 2022-01-20 14:12 - 000000063 _____ C:\Users\SANTI\Downloads\rdps-chek (2).rdp
2022-01-20 14:11 - 2022-01-20 14:11 - 000000063 _____ C:\Users\SANTI\Downloads\rdps-chek (1).rdp
2022-01-20 14:09 - 2022-01-20 14:10 - 000000063 _____ C:\Users\SANTI\Downloads\rdps-chek.rdp
2022-01-20 13:50 - 2022-01-20 13:50 - 000000000 ____D C:\Users\SANTI\.idlerc
2022-01-20 13:48 - 2022-01-20 13:48 - 028239176 _____ (Python Software Foundation) C:\Users\SANTI\Downloads\python-3.10.2-amd64.exe
2022-01-20 13:48 - 2022-01-20 13:48 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.10
2022-01-20 13:48 - 2022-01-20 13:48 - 000000000 ____D C:\Users\SANTI\AppData\Local\Package Cache
2022-01-20 13:45 - 2022-01-20 13:45 - 000000000 ____D C:\Users\SANTI\Desktop\MailRipV3-main (1)
2022-01-20 13:45 - 2021-12-06 12:44 - 000000000 ____D C:\Users\SANTI\Downloads\MailRipV3-main
2022-01-20 13:44 - 2022-01-20 13:44 - 000024164 _____ C:\Users\SANTI\Downloads\MailRipV3-main (1).zip
2022-01-20 13:03 - 2022-01-20 13:04 - 000002432 _____ C:\Users\SANTI\Desktop\Santiago (aaa) - Chrome.lnk
2022-01-20 13:03 - 2022-01-20 13:03 - 000002388 _____ C:\Users\SANTI\Desktop\Kevin - Chrome.lnk
2022-01-20 12:33 - 2022-01-20 12:33 - 000000064 _____ C:\Users\SANTI\Downloads\watcgin-rdp-chk (1).rdp
2022-01-20 12:29 - 2022-01-20 12:29 - 000000063 _____ C:\Users\SANTI\Downloads\instance-2-rdp (3).rdp
2022-01-20 12:28 - 2022-01-20 12:28 - 000000063 _____ C:\Users\SANTI\Downloads\instance-2-rdp (2).rdp
2022-01-20 12:26 - 2022-01-20 12:26 - 000000063 _____ C:\Users\SANTI\Downloads\instance-2-rdp.rdp
2022-01-20 12:26 - 2022-01-20 12:26 - 000000063 _____ C:\Users\SANTI\Downloads\instance-2-rdp (1).rdp
2022-01-20 12:23 - 2022-01-20 12:23 - 000000064 _____ C:\Users\SANTI\Downloads\watcgin-rdp-chk.rdp
2022-01-20 10:51 - 2022-01-20 10:51 - 000237696 _____ C:\Users\SANTI\Documents\cc_20220120_105110.reg
2022-01-20 10:47 - 2022-01-24 22:36 - 000000000 ____D C:\Program Files\CCleaner
2022-01-20 10:47 - 2022-01-24 22:06 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-01-20 10:47 - 2022-01-20 10:47 - 036572352 _____ (Piriform Software Ltd) C:\Users\SANTI\Downloads\ccsetup588.exe
2022-01-20 10:47 - 2022-01-20 10:47 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - SANTI
2022-01-20 10:47 - 2022-01-20 10:47 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-01-20 10:47 - 2022-01-20 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-01-20 10:31 - 2022-01-21 09:37 - 000000000 ____D C:\Users\SANTI\AppData\LocalLow\IGDump
2022-01-20 08:20 - 2022-01-20 08:20 - 000285607 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-18 at 10.31.23 PM.jpeg
2022-01-20 02:39 - 2022-01-20 02:39 - 000082043 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-19 at 12.14.32 PM.jpeg
2022-01-19 10:02 - 2021-11-26 13:35 - 013615205 ____N C:\Users\SANTI\Desktop\Arc4n3.zip
2022-01-19 10:01 - 2022-01-19 10:01 - 013616009 _____ C:\Users\SANTI\Downloads\Arc4n3-SMTP-Cracker-main.zip
2022-01-19 07:03 - 2022-01-19 07:03 - 000000000 ____D C:\Users\SANTI\VirtualBox VMs
2022-01-19 07:02 - 2022-01-19 13:14 - 000000000 ____D C:\Users\SANTI\.VirtualBox
2022-01-19 07:02 - 2022-01-19 07:02 - 000000000 ____D C:\ProgramData\VirtualBox
2022-01-19 06:56 - 2022-01-19 07:00 - 3884390912 _____ C:\Users\SANTI\Downloads\kali-linux-2021.4a-virtualbox-amd64.ova
2022-01-19 06:56 - 2022-01-19 06:56 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2022-01-19 06:56 - 2022-01-19 06:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2022-01-19 06:55 - 2022-01-19 06:55 - 000000000 ____D C:\Program Files\Oracle
2022-01-19 06:55 - 2022-01-17 04:12 - 001046416 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxSup.sys
2022-01-19 06:55 - 2022-01-17 04:12 - 000188184 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2022-01-19 06:54 - 2022-01-19 06:54 - 108293360 _____ (Oracle Corporation) C:\Users\SANTI\Downloads\VirtualBox-6.1.32-149290-Win.exe
2022-01-19 06:27 - 2022-01-19 06:27 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2022-01-19 04:38 - 2022-01-22 02:42 - 000001378 _____ C:\Users\SANTI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-01-19 04:38 - 2022-01-22 02:42 - 000001272 _____ C:\Users\SANTI\Desktop\ESET Online Scanner.lnk
2022-01-19 04:38 - 2022-01-22 02:41 - 000000000 ____D C:\Users\SANTI\AppData\Local\ESET
2022-01-19 04:36 - 2022-01-20 09:08 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2022-01-19 04:36 - 2022-01-19 04:38 - 013311448 _____ (ESET) C:\Users\SANTI\Downloads\esetonlinescanner.exe
2022-01-19 04:36 - 2022-01-19 04:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2022-01-19 04:36 - 2022-01-18 20:01 - 000037776 _____ (Emsisoft Ltd) C:\Windows\system32\Drivers\eppdisk.sys
2022-01-19 04:36 - 2022-01-18 20:01 - 000016808 _____ (Emsisoft Ltd) C:\Windows\system32\Drivers\EppElam.sys
2022-01-19 04:33 - 2022-01-19 04:36 - 000000000 ____D C:\ProgramData\Emsisoft
2022-01-19 04:32 - 2022-01-19 04:36 - 000000000 ____D C:\Users\SANTI\Desktop\EEK
2022-01-19 04:30 - 2022-01-19 04:30 - 338090360 _____ C:\Users\SANTI\Downloads\EmsisoftEmergencyKit.exe
2022-01-19 04:25 - 2022-01-19 04:26 - 005659583 _____ (Swearware) C:\Users\SANTI\Downloads\ComboFix.exe
2022-01-19 03:56 - 2022-01-19 03:56 - 000000000 ___HD C:\$SysReset
2022-01-19 03:19 - 2022-01-19 03:21 - 000000000 ____D C:\ProgramData\SecTaskMan
2022-01-19 03:18 - 2022-01-19 03:18 - 003029920 _____ C:\Users\SANTI\Downloads\SecurityTaskManager_Setup.exe
2022-01-19 03:18 - 2022-01-19 03:18 - 000001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2022-01-19 03:18 - 2022-01-19 03:18 - 000001216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2022-01-19 03:18 - 2022-01-19 03:18 - 000001204 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2022-01-19 03:18 - 2022-01-19 03:18 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2022-01-19 02:16 - 2022-01-25 06:25 - 000000000 ____D C:\FRST
2022-01-19 02:15 - 2022-01-25 06:19 - 002311680 _____ (Farbar) C:\Users\SANTI\Desktop\FRST64.exe
2022-01-19 02:08 - 2022-01-19 02:08 - 000024164 _____ C:\Users\SANTI\Downloads\MailRipV3-main.zip
2022-01-19 02:08 - 2021-12-06 12:44 - 000000000 ____D C:\Users\SANTI\Desktop\MailRipV3-main
2022-01-19 02:07 - 2022-01-19 02:07 - 000033185 _____ C:\Users\SANTI\Downloads\MailRipV2-main.zip
2022-01-19 01:48 - 2022-01-19 01:48 - 008540344 _____ (Malwarebytes) C:\Users\SANTI\Downloads\adwcleaner_8.3.1.exe
2022-01-19 01:40 - 2022-01-19 01:40 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-01-19 01:40 - 2022-01-19 01:40 - 000210352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-01-19 01:40 - 2022-01-19 01:40 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-01-19 01:40 - 2022-01-19 01:40 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-01-19 01:40 - 2022-01-19 01:40 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-19 01:40 - 2022-01-19 01:40 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-19 01:40 - 2022-01-19 01:40 - 000000000 ____D C:\Users\SANTI\AppData\Local\mbam
2022-01-19 01:40 - 2022-01-19 01:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-19 01:40 - 2022-01-19 01:40 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-19 01:39 - 2022-01-19 01:39 - 002910904 _____ (Malwarebytes) C:\Users\SANTI\Downloads\MBSetup.exe
2022-01-18 14:25 - 2022-01-18 14:25 - 050715488 _____ C:\Users\SANTI\Downloads\OpenBullet2 (1).zip
2022-01-18 14:21 - 2022-01-18 14:21 - 050715488 _____ C:\Users\SANTI\Downloads\OpenBullet2.zip
2022-01-18 14:21 - 2022-01-18 14:21 - 043638840 _____ C:\Users\SANTI\Downloads\OpenBullet2.Native.zip
2022-01-18 14:21 - 2022-01-18 14:21 - 000000000 ____D C:\Users\SANTI\Desktop\OpenBullet2
2022-01-18 14:21 - 2022-01-18 14:21 - 000000000 ____D C:\Users\SANTI\AppData\Local\ASP.NET
2022-01-18 10:03 - 2022-01-18 10:03 - 000048053 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-17 at 6.03.09 PM.jpeg
2022-01-18 10:01 - 2022-01-18 10:01 - 000072783 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-17 at 6.01.04 PM.jpeg
2022-01-18 09:40 - 2022-01-18 09:40 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Tenebris
2022-01-18 08:09 - 2022-01-18 08:09 - 000065820 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-17 at 5.07.54 PM.jpeg
2022-01-18 08:06 - 2022-01-18 08:06 - 003357432 _____ (Opera Software) C:\Users\SANTI\Downloads\OperaGXSetup.exe
2022-01-18 08:06 - 2022-01-18 08:06 - 000004226 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1642464392
2022-01-18 08:06 - 2022-01-18 08:06 - 000001438 _____ C:\Users\SANTI\Desktop\Navegador Opera GX.lnk
2022-01-18 08:06 - 2022-01-18 08:06 - 000001428 _____ C:\Users\SANTI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk
2022-01-18 03:26 - 2022-01-18 03:26 - 000046480 _____ (Python Software Foundation) C:\Windows\pyshellext.amd64.dll
2022-01-18 03:25 - 2022-01-18 03:25 - 000732048 _____ (Python Software Foundation) C:\Windows\pyw.exe
2022-01-18 03:25 - 2022-01-18 03:25 - 000732048 _____ (Python Software Foundation) C:\Windows\py.exe
2022-01-17 04:12 - 2022-01-17 04:12 - 000249560 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2022-01-17 04:12 - 2022-01-17 04:12 - 000239648 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2022-01-16 00:50 - 2022-01-16 00:50 - 001931778 _____ C:\Users\SANTI\Downloads\[BRUTE.PW]58k_bugor.txt
2022-01-16 00:26 - 2022-01-22 01:52 - 000000000 ____D C:\Program Files\mozilla firefox
2022-01-14 23:54 - 2022-01-14 23:54 - 000391392 _____ C:\Users\SANTI\Downloads\iloveimg-resized (6).zip
2022-01-14 23:53 - 2022-01-14 23:53 - 000330307 _____ C:\Users\SANTI\Downloads\iloveimg-resized (5).zip
2022-01-14 23:51 - 2022-01-14 23:51 - 000391392 _____ C:\Users\SANTI\Downloads\iloveimg-resized (4).zip
2022-01-14 23:50 - 2022-01-14 23:50 - 000414337 _____ C:\Users\SANTI\Downloads\iloveimg-resized (2).zip
2022-01-14 23:50 - 2022-01-14 23:50 - 000323700 _____ C:\Users\SANTI\Downloads\iloveimg-resized (3).zip
2022-01-14 23:49 - 2022-01-14 23:49 - 000330307 _____ C:\Users\SANTI\Downloads\iloveimg-resized (1).zip
2022-01-14 23:45 - 2022-01-19 00:40 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2022-01-14 08:23 - 2022-01-14 08:24 - 000000000 ____D C:\Users\SANTI\Documents\Grabaciones de sonido
2022-01-14 04:37 - 2022-01-14 04:37 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-01-14 04:37 - 2022-01-14 04:37 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-01-14 04:37 - 2022-01-14 04:37 - 000011797 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-01-14 04:33 - 2022-01-14 04:33 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-01-14 04:33 - 2022-01-14 04:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-01-14 04:33 - 2022-01-14 04:33 - 000000000 ____D C:\Program Files\LGHUB
2022-01-13 12:00 - 2022-01-13 12:00 - 000000000 ___HD C:\$WinREAgent
2022-01-13 07:48 - 2022-01-13 07:48 - 004453336 _____ (Logitech) C:\Windows\system32\logi_audio_headset_render_apo.dll
2022-01-13 07:48 - 2022-01-13 07:48 - 002177152 _____ (Logitech) C:\Windows\system32\logi_audio_headset_capture_apo.dll
2022-01-13 02:33 - 2022-01-13 02:33 - 004062016 _____ C:\Users\SANTI\Downloads\Virtual_Tour_On_Board_Of_Lu.mp4
2022-01-13 02:22 - 2022-01-14 23:54 - 000000000 ____D C:\Users\SANTI\Desktop\airyach
2022-01-13 02:22 - 2022-01-13 02:22 - 001617624 _____ C:\Users\SANTI\Downloads\iloveimg-resized.zip
2022-01-12 09:11 - 2022-01-12 09:11 - 000053447 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-11 at 7.11.22 PM.jpeg
2022-01-12 05:29 - 2022-01-12 05:29 - 001520654 _____ C:\Users\SANTI\Downloads\4-.pdf
2022-01-12 03:22 - 2022-01-12 03:22 - 000000000 ____D C:\Users\SANTI\Documents\Zoom
2022-01-12 03:12 - 2022-01-12 03:12 - 000245340 _____ C:\Users\SANTI\Desktop\ZonaPAGOS.com Fin Pago.pdf
2022-01-12 03:02 - 2022-01-12 03:02 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Zoom
2022-01-12 03:02 - 2022-01-12 03:02 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-11 15:29 - 2022-01-11 15:29 - 000018764 _____ C:\Users\SANTI\Downloads\comprobante_de_pago.pdf
2022-01-10 08:23 - 2022-01-25 06:24 - 000005276 _____ C:\Users\SANTI\Documents\primera cuenta.txt
2022-01-10 02:18 - 2022-01-10 02:18 - 000059881 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-09 at 12.17.55 PM.jpeg
2022-01-10 01:35 - 2022-01-12 08:40 - 000000365 _____ C:\Users\SANTI\Documents\recoverysallworld.txt
2022-01-10 01:32 - 2022-01-10 01:32 - 000044469 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-09 at 11.32.21 AM.jpeg
2022-01-10 01:23 - 2022-01-10 01:23 - 000367032 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-09 at 11.06.27 AM (1).jpeg
2022-01-10 01:20 - 2022-01-10 01:20 - 134135795 _____ C:\Users\SANTI\Downloads\Descargar-Adobe-Photoshop-CS6-Portable-Gratis.rar
2022-01-10 01:20 - 2022-01-10 01:20 - 000000040 ____H C:\56C6870DE6FC
2022-01-10 01:20 - 2022-01-10 01:20 - 000000000 ____D C:\Users\SANTI\AppData\LocalLow\Adobe
2022-01-10 01:20 - 2017-08-05 15:10 - 000000000 ____D C:\Users\SANTI\Desktop\Adobe Photoshop CS6
2022-01-10 01:06 - 2022-01-10 01:06 - 000367032 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-09 at 11.06.27 AM.jpeg
2022-01-10 00:28 - 2022-01-10 00:28 - 000014100 _____ C:\Users\SANTI\Downloads\DUIS HERRERA.txt
2022-01-09 13:04 - 2022-01-09 13:04 - 001242678 _____ C:\Users\SANTI\Downloads\escanear_323.pdf
2022-01-09 13:04 - 2022-01-09 13:04 - 001082190 _____ C:\Users\SANTI\Downloads\218-2013_FGL.pdf
2022-01-09 13:03 - 2022-01-09 13:03 - 000672582 _____ C:\Users\SANTI\Downloads\93-2013.pdf
2022-01-09 13:03 - 2022-01-09 13:03 - 000581459 _____ C:\Users\SANTI\Downloads\295-2013.pdf
2022-01-09 13:02 - 2022-01-09 13:02 - 000606716 _____ C:\Users\SANTI\Downloads\PORTAFOLIO_DE_SERVICIO_HN_SANTIAGO_MARIA_2021.pdf
2022-01-09 13:02 - 2022-01-09 13:02 - 000255978 _____ C:\Users\SANTI\Downloads\3230_ORDEN_562013.pdf
2022-01-09 13:02 - 2022-01-09 13:02 - 000174958 _____ C:\Users\SANTI\Downloads\3202_RP-09-2013.PDF
2022-01-09 13:01 - 2022-01-09 13:01 - 001010141 _____ C:\Users\SANTI\Downloads\CONTRATO_497_GISELA_YESENIA_LÓPEZ_ROBLES.pdf
2022-01-09 13:01 - 2022-01-09 13:01 - 001009859 _____ C:\Users\SANTI\Downloads\CONTRATO_500_CARLA_YESSENIA_SAY_DE_CASTRO.pdf
2022-01-09 13:01 - 2022-01-09 13:01 - 000164198 _____ C:\Users\SANTI\Downloads\Directorio_municipalidades_2021-2024.xlsx
2022-01-09 12:59 - 2022-01-09 12:59 - 005346964 _____ C:\Users\SANTI\Downloads\Base_contratistas_DCI-junio-2018.pdf
2022-01-09 12:59 - 2022-01-09 12:59 - 001460298 _____ C:\Users\SANTI\Downloads\Directorio_municipal_áreas_de_dirección_a_diciembre_2020 (1).pdf
2022-01-09 12:58 - 2022-01-09 12:58 - 001460298 _____ C:\Users\SANTI\Downloads\Directorio_municipal_áreas_de_dirección_a_diciembre_2020.pdf
2022-01-09 12:12 - 2022-01-09 12:12 - 000193962 _____ C:\Users\SANTI\Downloads\RESOLUCION_MOTIVADA_36-UAIP-2018_Censurado (1).pdf
2022-01-09 12:10 - 2022-01-09 12:11 - 000000000 ____D C:\Users\SANTI\Desktop\codigo
2022-01-09 12:05 - 2022-01-09 12:05 - 000000000 ____D C:\ProgramData\dbg
2022-01-09 11:59 - 2022-01-09 11:59 - 000000000 ____D C:\Users\SANTI\source
2022-01-09 11:59 - 2022-01-09 11:59 - 000000000 ____D C:\Users\SANTI\AppData\Local\ServiceHub
2022-01-09 11:59 - 2022-01-09 11:59 - 000000000 ____D C:\Users\SANTI\AppData\Local\IdentityNexusIntegration
2022-01-09 11:58 - 2022-01-18 14:28 - 000000000 ____D C:\Users\SANTI\.dotnet
2022-01-09 11:58 - 2022-01-18 14:27 - 000000000 ____D C:\Program Files\dotnet
2022-01-09 11:58 - 2022-01-09 12:10 - 000000000 ____D C:\Users\SANTI\AppData\Local\.IdentityService
2022-01-09 11:58 - 2022-01-09 11:59 - 000000000 ____D C:\Users\SANTI\Documents\Visual Studio 2022
2022-01-09 11:58 - 2022-01-09 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022
2022-01-09 11:58 - 2022-01-09 11:58 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-01-09 11:58 - 2022-01-09 11:58 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2022-01-09 11:58 - 2022-01-09 11:58 - 000000000 ____D C:\Program Files (x86)\dotnet
2022-01-09 11:57 - 2022-01-09 11:57 - 000001753 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022.lnk
2022-01-09 11:57 - 2022-01-09 11:57 - 000000000 ____D C:\Program Files\Microsoft Visual Studio
2022-01-09 11:56 - 2022-01-09 11:58 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2022-01-09 11:56 - 2022-01-09 11:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2022-01-09 11:56 - 2022-01-09 11:56 - 000001429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2022-01-09 11:56 - 2022-01-09 11:56 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Visual Studio Setup
2022-01-09 11:53 - 2022-01-09 11:53 - 057747573 _____ C:\Users\SANTI\Downloads\roslyn-main.zip
2022-01-09 11:51 - 2022-01-09 11:51 - 000000811 _____ C:\Users\SANTI\Desktop\holaMundo.cs
2022-01-09 11:43 - 2022-01-09 11:43 - 000193962 _____ C:\Users\SANTI\Downloads\RESOLUCION_MOTIVADA_36-UAIP-2018_Censurado.pdf
2022-01-09 05:40 - 2022-01-09 05:42 - 000014957 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-08 at 12.41.50 PM.jpeg
2022-01-07 05:24 - 2022-01-07 05:24 - 000046573 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-07 at 5.24.11 AM.jpeg
2022-01-07 05:24 - 2022-01-07 05:24 - 000046161 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-07 at 5.24.12 AM.jpeg
2022-01-07 05:13 - 2022-01-07 05:13 - 000000148 _____ C:\Users\SANTI\Documents\recoveryalworldazeorth.txt
2022-01-07 01:27 - 2022-01-07 01:27 - 000000639 _____ C:\Users\SANTI\Documents\partes para vender.txt
2022-01-07 01:17 - 2022-01-07 01:17 - 000307027 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-07 at 1.16.55 AM.jpeg
2022-01-07 01:17 - 2022-01-07 01:17 - 000197002 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-07 at 1.16.55 AM (1).jpeg
2022-01-07 00:53 - 2022-01-07 00:53 - 000300318 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-07 at 12.53.30 AM.jpeg
2022-01-06 23:36 - 2022-01-06 23:36 - 000505526 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2022-01-06 at 11.34.44 PM.jpeg
2022-01-06 09:21 - 2022-01-06 09:21 - 000193677 _____ C:\Users\SANTI\Downloads\cards_data-export-2022_01_06_01_20.csv
2022-01-06 09:21 - 2022-01-06 09:21 - 000139197 _____ C:\Users\SANTI\Downloads\cards_data-export-2022_01_06_01_21.csv
2022-01-05 23:54 - 2022-01-05 23:54 - 000042733 _____ C:\Users\SANTI\Downloads\ReturnLabel.pdf
2022-01-05 23:54 - 2022-01-05 23:54 - 000042733 _____ C:\Users\SANTI\Downloads\ReturnLabel (2).pdf
2022-01-05 23:54 - 2022-01-05 23:54 - 000042733 _____ C:\Users\SANTI\Downloads\ReturnLabel (1).pdf
2022-01-05 01:44 - 2022-01-05 01:44 - 001331848 _____ C:\Users\SANTI\Downloads\noticia_mercantil_abril_2017.xlsx
2022-01-05 00:53 - 2022-01-05 00:53 - 158752224 _____ (Exodus Movement Inc) C:\Users\SANTI\Downloads\exodus-windows-x64-21.12.31.exe
2022-01-05 00:53 - 2022-01-05 00:53 - 000000000 ____D C:\Users\SANTI\AppData\Local\exodus
2022-01-01 03:42 - 2022-01-01 03:42 - 000000000 ____D C:\Users\SANTI\AppData\Local\OMT
2021-12-31 03:49 - 2021-12-31 03:49 - 000160139 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-30 at 2.49.06 PM.jpeg
2021-12-31 03:49 - 2021-12-31 03:49 - 000158956 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-30 at 2.49.07 PM.jpeg
2021-12-31 03:49 - 2021-12-31 03:49 - 000153183 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-30 at 2.49.05 PM.jpeg
2021-12-31 03:49 - 2021-12-31 03:49 - 000138860 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-30 at 2.49.06 PM (1).jpeg
2021-12-31 03:35 - 2021-12-31 03:35 - 000237012 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-30 at 1.50.29 PM.jpeg
2021-12-31 03:35 - 2021-12-31 03:35 - 000199821 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-30 at 1.50.28 PM.jpeg
2021-12-31 03:35 - 2021-12-31 03:35 - 000155812 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-30 at 1.50.41 PM.jpeg
2021-12-31 03:35 - 2021-12-31 03:35 - 000144931 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-30 at 1.50.40 PM.jpeg
2021-12-31 03:35 - 2021-12-31 03:35 - 000135681 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-29 at 8.45.19 PM.jpeg
2021-12-31 03:35 - 2021-12-31 03:35 - 000120316 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-30 at 2.11.05 PM.jpeg
2021-12-30 10:32 - 2021-12-30 10:32 - 000052497 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-29 at 8.32.47 PM.jpeg
2021-12-30 04:15 - 2021-12-30 04:15 - 000002446 _____ C:\Users\SANTI\Desktop\Personal - Edge.lnk
2021-12-29 14:56 - 2022-01-06 09:51 - 000004929 _____ C:\Users\SANTI\Documents\bebesitalin.txt
2021-12-29 14:12 - 2021-12-29 14:12 - 006317006 _____ C:\Users\SANTI\Downloads\[BRUTE.PW]174k_UK.txt
2021-12-29 13:42 - 2021-12-29 13:42 - 056845384 _____ (Mozilla) C:\Users\SANTI\Downloads\Thunderbird Setup 91.4.1.exe
2021-12-29 13:42 - 2021-12-29 13:42 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2021-12-29 13:42 - 2021-12-29 13:42 - 000001043 _____ C:\Users\Public\Desktop\Thunderbird.lnk
2021-12-29 13:42 - 2021-12-29 13:42 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Thunderbird
2021-12-29 13:42 - 2021-12-29 13:42 - 000000000 ____D C:\Users\SANTI\AppData\Local\Thunderbird
2021-12-29 13:42 - 2021-12-29 13:42 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2
2021-12-29 09:57 - 2021-12-29 09:57 - 000199977 _____ C:\Users\SANTI\Downloads\cards_data-export-2021_12_29_01_57.csv
2021-12-29 08:55 - 2021-12-29 08:55 - 000065578 _____ C:\Users\SANTI\Downloads\WhatsApp Image 2021-12-28 at 6.55.22 PM.jpeg
2021-12-27 08:49 - 2021-12-27 08:49 - 000000000 ____D C:\Users\SANTI\Documents\FeedbackHub
2021-12-27 08:12 - 2021-12-27 08:12 - 000129482 _____ C:\Users\SANTI\Downloads\JOSE RICCARDO VANEGAS BUSTAMANTTE, 27DEC 1300 BOGOTA.pdf
2021-12-27 08:12 - 2021-12-27 08:12 - 000129463 _____ C:\Users\SANTI\Downloads\PAULA DANIELA BULLA PAEZZ, 27DEC 1300 BOGOTA.pdf
2021-12-27 06:05 - 2021-12-27 06:06 - 018972672 _____ C:\Users\SANTI\Downloads\chromeremotedesktophost.msi
2021-12-27 00:24 - 2021-12-27 00:24 - 000201490 _____ C:\Users\SANTI\Downloads\cards_data-export-2021_12_26_16_23.csv

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-01-25 06:24 - 2021-05-08 10:24 - 000000000 ____D C:\Users\SANTI\AppData\LocalLow\Mozilla
2022-01-25 06:19 - 2019-12-07 17:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-25 05:54 - 2021-03-08 02:06 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-25 05:23 - 2021-05-08 10:24 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-25 05:17 - 2021-03-07 06:28 - 000000000 ____D C:\Users\SANTI\Desktop\911
2022-01-25 04:21 - 2021-12-21 16:14 - 000004216 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{92173986-30BA-47AC-B211-D4824EEDBB49}
2022-01-25 03:32 - 2021-03-10 13:34 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Telegram Desktop
2022-01-25 03:30 - 2021-04-21 22:26 - 000000000 ____D C:\Users\SANTI\Downloads\Telegram Desktop
2022-01-25 01:38 - 2021-03-10 13:09 - 000000000 ____D C:\Program Files (x86)\Magick Checker
2022-01-25 01:28 - 2021-03-07 20:13 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-01-25 00:48 - 2021-03-07 13:58 - 000000000 ____D C:\Users\SANTI\AppData\Local\D3DSCache
2022-01-24 23:09 - 2021-08-09 09:05 - 000003458 _____ C:\Windows\system32\Tasks\CorelUpdateHelperTask-B5DF09466A25FBC29FCB2703709A3585
2022-01-24 21:57 - 2021-08-05 22:01 - 000000000 ____D C:\Users\SANTI\AppData\Local\LGHUB
2022-01-24 21:54 - 2021-03-07 06:24 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-24 21:54 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\AppReadiness
2022-01-24 21:52 - 2021-03-07 20:15 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-24 21:52 - 2021-03-07 20:15 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-24 21:52 - 2021-03-07 06:25 - 001772866 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-24 21:52 - 2019-12-07 23:02 - 000786288 _____ C:\Windows\system32\perfh00A.dat
2022-01-24 21:52 - 2019-12-07 23:02 - 000155220 _____ C:\Windows\system32\perfc00A.dat
2022-01-24 21:52 - 2019-12-07 17:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-24 21:52 - 2019-12-07 17:13 - 000000000 ____D C:\Windows\INF
2022-01-24 21:51 - 2021-08-05 22:01 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\LGHUB
2022-01-24 21:51 - 2021-03-07 06:37 - 000000000 ____D C:\Users\SANTI\AppData\Local\CrashDumps
2022-01-24 21:51 - 2021-03-07 06:19 - 000000000 ____D C:\Users\SANTI
2022-01-22 03:43 - 2021-07-06 02:15 - 000000000 ____D C:\Users\SANTI\Downloads\Hades-CODEX
2022-01-22 01:52 - 2021-05-08 10:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-22 01:52 - 2021-03-07 20:13 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-22 01:52 - 2021-03-07 20:13 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-22 00:53 - 2021-03-18 04:30 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-01-22 00:53 - 2021-03-18 04:30 - 000002321 _____ C:\Users\Public\Desktop\Brave.lnk
2022-01-21 23:37 - 2021-05-08 10:24 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-21 23:37 - 2021-05-08 10:24 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-01-21 13:21 - 2021-03-08 02:06 - 000003558 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 13:21 - 2021-03-08 02:06 - 000003434 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 13:48 - 2021-03-07 06:23 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-20 12:25 - 2021-03-07 06:24 - 000000000 ____D C:\Users\SANTI\AppData\Local\NVIDIA Corporation
2022-01-20 09:08 - 2021-07-01 05:14 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2022-01-20 09:08 - 2019-12-07 17:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-01-20 09:07 - 2021-08-19 02:29 - 000000000 ____D C:\Users\SANTI\AppData\Local\Oculus
2022-01-20 09:07 - 2021-03-08 02:10 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Blitz
2022-01-20 09:05 - 2021-12-06 22:54 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Firefly
2022-01-20 08:33 - 2021-03-07 13:47 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Exodus
2022-01-20 07:24 - 2021-03-08 02:06 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-20 07:24 - 2021-03-08 02:06 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-20 06:22 - 2021-05-18 21:49 - 000000032 _____ C:\Users\SANTI\AppData\Roaming\.machineId
2022-01-19 12:48 - 2019-12-07 17:03 - 000000000 ____D C:\Windows\CbsTemp
2022-01-19 05:00 - 2021-07-06 02:14 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\uTorrent
2022-01-19 04:36 - 2019-12-07 17:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-01-19 03:49 - 2019-12-07 17:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-01-19 03:19 - 2021-03-13 03:38 - 000000000 ____D C:\ProgramData\Wondershare
2022-01-19 03:19 - 2021-03-13 03:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-01-19 03:06 - 2021-03-07 06:21 - 000000000 ___RD C:\Users\SANTI\OneDrive
2022-01-19 02:05 - 2021-03-07 06:29 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\discord
2022-01-19 02:02 - 2021-03-07 06:29 - 000000000 ____D C:\Users\SANTI\AppData\Local\Discord
2022-01-19 01:46 - 2021-07-29 22:20 - 000000000 ____D C:\Users\SANTI\Desktop\eye clomeans 2
2022-01-19 01:46 - 2021-06-15 00:49 - 000000000 ____D C:\Users\SANTI\Desktop\Eye_Clomeans (1)
2022-01-19 01:46 - 2021-06-15 00:18 - 000000000 ____D C:\Users\SANTI\Desktop\eye real
2022-01-19 01:46 - 2021-06-14 10:37 - 000000000 ____D C:\Users\SANTI\Desktop\EYE
2022-01-19 00:41 - 2021-09-05 01:59 - 000003840 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2022-01-19 00:40 - 2021-03-07 20:13 - 000564856 _____ C:\Windows\system32\FNTCACHE.DAT
2022-01-19 00:39 - 2019-12-07 23:05 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-19 00:39 - 2019-12-07 17:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-01-19 00:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-01-19 00:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SystemResources
2022-01-19 00:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\setup
2022-01-19 00:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\oobe
2022-01-19 00:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-01-19 00:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\Dism
2022-01-19 00:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\bcastdvr
2022-01-18 14:09 - 2021-08-07 14:25 - 000020905 _____ C:\Users\SANTI\Documents\livesitas(Recuperado automáticamente).xlsx
2022-01-18 08:53 - 2021-03-07 20:15 - 000003580 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-18 08:53 - 2021-03-07 20:15 - 000003456 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-18 08:06 - 2021-03-18 04:42 - 000000000 ____D C:\Users\SANTI\AppData\Local\Opera Software
2022-01-18 08:06 - 2021-03-18 04:41 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Opera Software
2022-01-17 22:52 - 2021-03-18 04:42 - 000004214 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1616013710
2022-01-17 22:52 - 2021-03-18 04:41 - 000001405 _____ C:\Users\SANTI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2022-01-17 22:51 - 2021-03-17 05:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-01-14 04:34 - 2021-03-07 09:20 - 000000000 ____D C:\Windows\system32\MRT
2022-01-14 04:33 - 2021-03-07 09:20 - 145765912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-01-13 14:05 - 2021-12-15 06:30 - 000009817 _____ C:\Users\SANTI\Documents\cuentaswr.xlsx
2022-01-13 08:41 - 2021-03-08 02:10 - 000000000 ____D C:\CoinPoker
2022-01-13 07:48 - 2021-02-27 22:40 - 000044488 _____ (Logitech) C:\Windows\system32\Drivers\logi_audio_surround.sys
2022-01-13 02:56 - 2021-12-11 23:36 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-695568149-3922645088-835819184-1001
2022-01-13 02:56 - 2021-03-07 06:21 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-695568149-3922645088-835819184-1001
2022-01-13 02:56 - 2021-03-07 06:19 - 000002413 _____ C:\Users\SANTI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-09 13:01 - 2021-03-07 06:20 - 000000000 ____D C:\Users\SANTI\AppData\Local\Packages
2022-01-09 11:58 - 2021-03-07 19:58 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-01-09 11:57 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-01-06 08:58 - 2021-09-16 02:33 - 000000000 ____D C:\Users\SANTI\Downloads\MEmu Download
2022-01-06 08:58 - 2021-09-16 02:33 - 000000000 ____D C:\Users\SANTI\.MemuHyperv
2022-01-06 08:58 - 2021-06-14 10:04 - 000000297 _____ C:\Users\SANTI\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2022-01-06 08:58 - 2021-03-07 06:25 - 000000000 ____D C:\Users\SANTI\AppData\Local\Nox
2022-01-06 08:50 - 2021-09-02 08:27 - 000000000 ____D C:\Users\SANTI\.BigNox
2022-01-06 08:50 - 2021-03-07 06:44 - 000000000 ____D C:\Users\SANTI\.android
2022-01-06 08:50 - 2021-03-07 06:40 - 000000000 ____D C:\Users\SANTI\vmlogs
2022-01-06 08:50 - 2021-03-07 06:40 - 000000000 ____D C:\Users\SANTI\AppData\Local\NoxSrv
2022-01-06 03:29 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\NDF
2022-01-05 00:53 - 2021-03-07 13:47 - 000002225 _____ C:\Users\SANTI\Desktop\Exodus.lnk
2022-01-05 00:53 - 2021-03-07 13:47 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc
2022-01-05 00:53 - 2021-03-07 06:29 - 000000000 ____D C:\Users\SANTI\AppData\Local\SquirrelTemp
2022-01-01 18:25 - 2021-08-19 02:41 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\OculusClient
2022-01-01 03:59 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-01-01 03:42 - 2021-05-28 06:03 - 000000000 ____D C:\Users\SANTI\AppData\Local\UnrealEngine
2021-12-31 07:46 - 2021-12-19 04:23 - 000000000 ____D C:\Users\SANTI\AppData\Roaming\Twitch Studio
2021-12-29 10:01 - 2021-12-15 13:49 - 000002243 _____ C:\Users\SANTI\Documents\lives 2.txt
2021-12-28 14:14 - 2021-12-18 16:37 - 000000354 _____ C:\Users\SANTI\Documents\asfas.txt

==================== Archivos en la raíz de algunos directorios ========

2021-05-18 21:49 - 2022-01-20 06:22 - 000000032 _____ () C:\Users\SANTI\AppData\Roaming\.machineId
2021-10-28 14:34 - 2021-10-28 14:34 - 000005389 _____ () C:\Users\SANTI\AppData\Roaming\2f7083d8-688f-4b07-9c4c-7aef725be985.tmp
2022-01-20 15:06 - 2022-01-22 02:41 - 000000128 _____ () C:\Users\SANTI\AppData\Local\PUTTY.RND

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 22-01-2022
Ejecutado por SANTI (24-01-2022 16:25:37)
Ejecutado desde C:\Users\SANTI\Desktop
Microsoft Windows 10 Pro Versión 20H2 19042.1466 (X64) (2021-03-06 22:16:51)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-695568149-3922645088-835819184-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-695568149-3922645088-835819184-503 - Limited - Disabled)
Invitado (S-1-5-21-695568149-3922645088-835819184-501 - Limited - Disabled)
SANTI (S-1-5-21-695568149-3922645088-835819184-1001 - Administrator - Enabled) => C:\Users\SANTI
WDAGUtilityAccount (S-1-5-21-695568149-3922645088-835819184-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Emsisoft Anti-Malware (Disabled - Up to date) {5FD8BF8F-F242-6153-61B5-8FF333E8736B}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Ableton Live 11 Intro (HKLM\...\{7E5322D6-5E8B-4902-B735-F032AB5CE3D1}) (Version: 11.0.0.0 - Ableton) Hidden
Ableton Live 11 Intro (HKLM-x32\...\{d5e71e6d-d2b5-4898-9c2f-c969eb180677}) (Version: 11.0.0.0 - Ableton)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.6 - AnyDesk Software GmbH)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 4.2.10 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.35.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{4ec038d4-2f97-469d-9725-dda173d961fb}) (Version: 1.1.35.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{9c72488b-eb92-40bd-94a3-de309514c154}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.07 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{8bf47d14-406b-49e8-8759-966757033aa0}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM\...\{B8F984F2-7887-4DD2-8D96-F9A4BC5A4AC5}) (Version: 1.2.0.11 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{f4416c94-760b-431e-8516-5c67e2d05b53}) (Version: 1.2.0.11 - ASUSTek COMPUTER INC.) Hidden
AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.14 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{c6391bdc-929f-4a9f-98cd-9a3038379379}) (Version: 1.1.14 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.18 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.18 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.18 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{2f406341-f76d-47c9-a781-b6d186b55b00}) (Version: 3.05.18 - ASUSTeK Computer Inc.)
balenaEtcher 1.5.116 (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.116 - Balena Inc.)
Blitz (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.16.18 - Blitz, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 97.1.34.81 - Los creadores de Brave)
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{B9B27527-C019-411B-9813-3FC8724C88DA}) (Version: 96.0.4664.39 - Google LLC)
CoinPoker (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\{d3cf6764-9a59-46e2-a2bc-9341f413e996}) (Version: 5.19 - TGLab)
Comprobación de estado de PC Windows (HKLM\...\{75741B4B-FC87-494A-A380-0EBA06DB89F9}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
Corel Graphics - Windows Shell Extension (HKLM\...\_{EC4702C9-1FFE-4E46-BC78-225DD35DE4BB}) (Version: 22.2.0.530 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{EC4702C9-1FFE-4E46-BC78-225DD35DE4BB}) (Version: 22.2.530 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{66B8AA28-7A5F-4ED6-BEE8-A92D28B0E54E}) (Version: 22.2.530 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{F30F96B6-EADE-44FF-B202-C8697BC088F8}) (Version: 2.14.626 - Corel corporation) Hidden
CorelDRAW Technical Suite 2020 - IPM (x64) (HKLM\...\{52D2611E-17E2-4AC2-9BB6-0255F453664E}) (Version: 22.2 - Corel Corporation) Hidden
CorelDRAW Technical Suite 2020 - IPM Content (x64) (HKLM\...\{D17AA252-0EDB-4842-9D00-A9A39008450B}) (Version: 22.2 - Corel Corporation) Hidden
CorelDRAW Technical Suite 2020 - IPM Lattice (x64) (HKLM\...\{AD51F620-6B6C-4A5B-9D54-9B62C26C16DB}) (Version: 22.2 - Corel Corporation) Hidden
CorelDRAW Technical Suite 2020 - Writing Tools (x64) (HKLM\...\{60AB95FB-5BF2-405C-A459-616EEC216A90}) (Version: 22.2 -  Corel Corporation) Hidden
CorelDRAW Technical Suite 2020 (64-Bit) (HKLM\...\_{D92038D5-781B-4FD6-AE4F-D365ECE818BC}) (Version: 22.2.0.532 - Corel Corporation)
CORSAIR iCUE Software (HKLM-x32\...\{3D350B22-542B-4FB4-B3AC-EA760941C319}) (Version: 3.38.61 - Corsair)
CPUID CPU-Z 1.96 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.96 - CPUID, Inc.)
Discord (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EaseUS MobiMover 5.5.5 (HKLM-x32\...\EaseUS MobiMover_is1) (Version:  - EaseUS)
elapp 1.3.7 (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\7399d0d7-786a-59b1-adda-49f9460eaf87) (Version: 1.3.7 - Criptext Inc)
Emsisoft Anti-Malware (HKLM\...\{CA975286-D816-410C-B6C9-F7213CA84695}) (Version: 22.1.2.11345 - Emsisoft Ltd.)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.37.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{413fe4b8-1352-4234-a775-ff2f04ad9042}) (Version: 1.1.37.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{bf1d7028-d935-477f-b5b2-053062f9b527}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{8CAF0391-512D-485C-B141-39D89E7EDCA8}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
ExitLag version 4.188 (HKLM-x32\...\{B3117F72-F22D-4DA7-B554-B3F4EDBB408F}_is1) (Version: 4.188 - ExitLag)
Exodus (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\exodus) (Version: 21.12.31 - Exodus Movement Inc)
Firefly 1.3.0 (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\5892dd0c-8983-51d7-b337-6e1d1da9ad4b) (Version: 1.3.0 - IOTA Foundation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
Hades (HKLM-x32\...\Hades_is1) (Version:  - )
It Takes Two (HKLM-x32\...\It Takes Two_is1) (Version:  - )
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{26b750af-32e4-4afb-aed3-d4c571b122ad}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.1.3492 - Logitech)
Magick Checker versión . (HKLM-x32\...\{A8486DE6-CF6E-4D86-AA5B-B19B13B051B8}_is1) (Version: . - Magick Checker)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
Mavis Hub 1.3.0 (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\{cc9e8b63-ffef-5371-bb50-2dfd3e6be1f2}) (Version: 1.3.0 - )
MEmu (HKLM-x32\...\MEmu) (Version: 7.5.6.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET SDK 5.0.404 (x64) (HKLM-x32\...\{5183e901-6cd7-4e0e-95cc-9874fefc3b0c}) (Version: 5.4.421.57211 - Microsoft Corporation)
Microsoft .NET SDK 6.0.101 (x64) from Visual Studio (HKLM\...\{1B33F856-548C-4869-81B5-878C1ED2B382}) (Version: 6.1.121.56904 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Office Professional 2019 - es-es (HKLM\...\Professional2019Retail - es-es) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\OneDriveSetup.exe) (Version: 21.245.1128.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.0.4496.34889 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 es-ES) (HKLM\...\Mozilla Firefox 96.0.2 (x64 es-ES)) (Version: 96.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.4.1 - Mozilla)
Mozilla Thunderbird (x64 es-ES) (HKLM\...\Mozilla Thunderbird 91.5.0 (x64 es-ES)) (Version: 91.5.0 - Mozilla)
NoPing (HKLM\...\{E02BF8B3-81A8-43A4-A2AF-D283C12D9FA1}) (Version: 4.0.3.3 - NoPing)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.5 - Notepad++ Team)
NoxPlayer (HKLM-x32\...\Nox) (Version: 7.0.1.5 - Duodian Technology Co. Ltd.)
NVIDIA Controlador de audio HD 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Opera GX Stable 82.0.4227.50 (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Opera GX 82.0.4227.50) (Version: 82.0.4227.50 - Opera Software)
Opera Stable 82.0.4227.58 (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Opera 82.0.4227.58) (Version: 82.0.4227.58 - Opera Software)
Oracle VM VirtualBox 6.1.32 (HKLM\...\{4A51F890-19E4-4E7C-A118-4B8ACEB5AEC5}) (Version: 6.1.32 - Oracle Corporation)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 - Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.4 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{3c403389-0bc5-4298-bebf-09de0c0b745d}) (Version: 1.0.6.4 - Patriot Memory)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
ProtonVPN (HKLM-x32\...\{FFAFEA09-E7DA-4710-A278-7F0506C96829}) (Version: 1.18.5 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.18.5) (Version: 1.18.5 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
Python 3.10.2 (64-bit) (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\{c60fd5ac-367d-4e3a-a975-f157502ac30a}) (Version: 3.10.2150.0 - Python Software Foundation)
Python 3.10.2 Core Interpreter (64-bit) (HKLM\...\{6475B354-B0F6-4837-8738-784937D647B2}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
Python 3.10.2 Development Libraries (64-bit) (HKLM\...\{8277936D-8A34-4758-893C-0B29342A6F27}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
Python 3.10.2 Documentation (64-bit) (HKLM\...\{B51A07AD-9BCE-485D-8721-C7C83992794B}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
Python 3.10.2 Executables (64-bit) (HKLM\...\{EDEE3162-8399-42D4-9D7C-7DA21275BFD0}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
Python 3.10.2 pip Bootstrap (64-bit) (HKLM\...\{08B7036F-0609-4634-9A5F-1688230E9D9D}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
Python 3.10.2 Standard Library (64-bit) (HKLM\...\{D862D299-FDC2-4571-B3A1-27CEE951D2D1}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
Python 3.10.2 Tcl/Tk Support (64-bit) (HKLM\...\{7863DF45-23BB-4D83-97B3-CF08F3192F5B}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
Python 3.10.2 Test Suite (64-bit) (HKLM\...\{D68594E9-2F98-4EA0-8A94-5D7D9FF51960}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
Python 3.10.2 Utility Scripts (64-bit) (HKLM\...\{300F0759-8294-4971-9FAD-7AB19FA7B270}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{0CD41B07-EDF9-4B77-8C7C-CCCA1C435970}) (Version: 3.10.7686.0 - Python Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8366 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for SANTI (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\roblox-player) (Version:  - Roblox Corporation)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.2.18.5 - ASUSTek COMPUTER INC.)
ROG PUGIO (HKLM-x32\...\{549b30e6-5580-47af-8bc1-4082a0077dfa}) (Version: 2.07.00 - ASUSTek Computer Inc.)
ROG RYUO (HKLM-x32\...\{476f3aaf-7760-4daa-950c-3897f88332e2}) (Version: 1.03.13 - ASUSTek Computer Inc.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 4.0.0.17 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.3.0.330 - Samsung Electronics)
SDK de Microsoft .NET Framework 4.6.1 (español) (HKLM-x32\...\{07570008-8840-4A14-A752-1367157138A5}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
SDK de Microsoft .NET Framework 4.6.2 (español) (HKLM-x32\...\{10250C02-76C2-424E-A402-AEAA23D05740}) (Version: 4.6.01590 - Microsoft Corporation) Hidden
SDK de Microsoft .NET Framework 4.7 (español) (HKLM-x32\...\{930D90EC-1098-4E3B-BF75-2EC7E186F007}) (Version: 4.7.02053 - Microsoft Corporation) Hidden
SDK de Microsoft .NET Framework 4.7.1 (español) (HKLM-x32\...\{28D506CF-7958-4972-95D6-F414ECCF4988}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
SDK de Microsoft .NET Framework 4.7.2 (español) (HKLM-x32\...\{9BEBCD18-E34F-4FB0-B960-064C5EEDAEE0}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 3.4.3 (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.4.3 - Telegram FZ-LLC)
Twitch Studio (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 - PD)
VALORANT (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Visual Studio Community 2022 (HKLM-x32\...\a187cf30) (Version: 17.0.4 - Microsoft Corporation)
vs_CoreEditorFonts (HKLM-x32\...\{D3C8B8FA-171A-492F-A918-04FA182B6450}) (Version: 17.0.32014 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{CCFBC305-8495-4A7D-B20F-BB0439A12AFB}) (Version: 17.0.31808 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{60C647C8-7865-410D-A947-E98578028922}) (Version: 17.0.31808 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{38371BF8-3A6A-4C76-B2C5-403CF3FA711B}) (Version: 17.0.31808 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{8B0EB9A0-0E61-490D-BC08-63E8C3B84170}) (Version: 17.0.31808 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{7FEC4935-AB34-488D-BF33-38C816525040}) (Version: 17.0.31808 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{EFF69C65-9C29-46D2-B1F2-3B07C82C7958}) (Version: 17.0.31808 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{589d5178-7c46-4052-8509-a0685184d622}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.663 - McAfee, LLC)
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
Windows Packet Filter (64 bit) (HKLM\...\{6B811A29-2FB9-46D6-88D7-1275AC7AAE01}) (Version: 3.2.20.3 - NT Kernel Resources)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
XVL Player / XVL Player Pro 64-bit Edition (HKLM-x32\...\{936575FE-E49B-4CE9-9934-0329727476C8}) (Version: 19.1a - Lattice Technology)
XVL Studio Corel Editionx64 (HKLM-x32\...\{B8F0DAEC-D940-48C8-B6AB-9600012CB8C9}) (Version: 6.1 - Lattice Technology)
Zoom (HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_4.2.5.0_x64__qmba6cd70vzyy [2021-09-08] (ASUSTeK COMPUTER INC.)
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-28] (Microsoft Corporation)
Halo Infinite -> C:\Program Files\WindowsApps\Microsoft.254428597CFE2_1.3295.45279.0_x64__8wekyb3d8bbwe [2022-01-20] (Microsoft Studios)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-10-30] (Apple Inc.) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-14] (Microsoft Studios) [MS Ad]
Night Skies PREMIUM -> C:\Program Files\WindowsApps\Microsoft.NightSkiesPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2021-03-08] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-18] (NVIDIA Corp.)
Panda Bears -> C:\Program Files\WindowsApps\Microsoft.PandaBears_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.238.0_x64__dt26b99r8h8gj [2021-09-05] (Realtek Semiconductor Corp)
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj [2021-11-19] (Charles Milette) [Startup Task]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-695568149-3922645088-835819184-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-695568149-3922645088-835819184-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-695568149-3922645088-835819184-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-695568149-3922645088-835819184-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-695568149-3922645088-835819184-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-695568149-3922645088-835819184-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-09-26] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2022-01-18] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2022-01-18] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2022-01-18] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2022-01-18] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\nvshext.dll [2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2022-01-18] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2022-01-18] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-02] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\SANTI\Desktop\Kevin - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\SANTI\Desktop\Personal - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\SANTI\Desktop\Santiago (aaa) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\SANTI\Desktop\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\SANTI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\SANTI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6ddfdda7e648aa1f\MetaMask.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn

==================== Módulos cargados (Lista blanca) =============

2021-08-19 05:27 - 2021-08-19 05:27 - 000477696 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2021-08-19 05:27 - 2021-08-19 05:27 - 000471040 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2021-08-19 05:27 - 2021-08-19 05:27 - 000454656 _____ () [Archivo no firmado] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2022-01-14 04:33 - 2022-01-13 07:48 - 000635904 _____ () [Archivo no firmado] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2021-09-19 09:06 - 2021-02-19 00:07 - 000085504 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\zlib1.dll
2021-09-08 09:37 - 2019-12-24 09:51 - 000093184 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-08-19 05:27 - 2021-08-19 05:27 - 000081920 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2021-07-09 22:00 - 2021-07-09 22:00 - 000085504 _____ () [Archivo no firmado] C:\Windows\system32\zlib1.dll
2015-11-04 16:40 - 2015-11-04 16:40 - 000004608 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamesp.dll
2021-03-17 05:45 - 2021-03-17 05:45 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2021-03-17 05:45 - 2021-03-17 05:45 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2021-09-19 09:06 - 2021-02-19 00:07 - 000287232 _____ (The curl library, hxxps://curl.haxx.se/) [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcurl.dll
2021-07-09 22:00 - 2021-07-09 22:00 - 000466944 _____ (The curl library, hxxps://curl.haxx.se/) [Archivo no firmado] C:\Windows\system32\libcurl.dll
2021-09-19 09:06 - 2021-02-19 00:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcrypto-1_1-x64.dll
2021-09-19 09:06 - 2021-02-19 00:07 - 002281984 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\LIBEAY32.dll
2021-09-19 09:06 - 2021-02-19 00:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libssl-1_1-x64.dll
2021-09-19 09:06 - 2021-02-19 00:07 - 000361472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\SSLEAY32.dll
2021-09-08 09:37 - 2019-06-27 07:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2021-09-08 09:37 - 2019-06-27 07:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2182]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2021-06-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-01-14] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2021-06-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-01-14] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-12-07 17:14 - 2022-01-25 06:24 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\dotnet\
HKU\S-1-5-21-695568149-3922645088-835819184-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SANTI\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 190.157.8.101 - 190.157.8.109
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

Network Binding:
=============
Conexión de área local: ExitLag Game Booster -> nt_ndextlag (enabled) 
Conexión de área local: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Conexión de área local: MemuHyperv NDIS6 Bridged Networking Driver -> maiwei_MEmuNetLwf (enabled) 
Conexión de área local: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled) 
Ethernet 2: ExitLag Game Booster -> nt_ndextlag (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 2: MemuHyperv NDIS6 Bridged Networking Driver -> maiwei_MEmuNetLwf (enabled) 
Ethernet 2: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled) 
Wi-Fi: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled) 
Wi-Fi: ExitLag Game Booster -> nt_ndextlag (enabled) 
Wi-Fi: MemuHyperv NDIS6 Bridged Networking Driver -> maiwei_MEmuNetLwf (enabled) 
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
VirtualBox Host-Only Network: ExitLag Game Booster -> nt_ndextlag (enabled) 
VirtualBox Host-Only Network: MemuHyperv NDIS6 Bridged Networking Driver -> maiwei_MEmuNetLwf (enabled) 
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
VirtualBox Host-Only Network: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: AMD Crash Defender Service => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AnyDesk => 2
MSCONFIG\Services: ArmouryCrateService => 2
MSCONFIG\Services: ArmouryLiveUpdate => 3
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: asus => 2
MSCONFIG\Services: AsusCertService => 2
MSCONFIG\Services: asusm => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: brave => 2
MSCONFIG\Services: bravem => 3
MSCONFIG\Services: chromoting => 3
MSCONFIG\Services: CorsairGamingAudioConfig => 2
MSCONFIG\Services: CorsairLLAService => 2
MSCONFIG\Services: CorsairService => 2
MSCONFIG\Services: ElevationService => 2
MSCONFIG\Services: EpicOnlineServices => 3
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LGHUBUpdaterService => 2
MSCONFIG\Services: LightingService => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: MEmuSVC => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: OVRLibraryService => 3
MSCONFIG\Services: OVRService => 2
MSCONFIG\Services: ProtonVPN Service => 3
MSCONFIG\Services: ProtonVPN Update Service => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: PSI_SVC_2_x64 => 2
MSCONFIG\Services: ROG Live Service => 2
MSCONFIG\Services: RstMwService => 2
MSCONFIG\Services: RtkAudioUniversalService => 2
MSCONFIG\Services: ss_conn_launcher_service => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TwitchService => 3
MSCONFIG\Services: VBoxSDS => 3
MSCONFIG\Services: vgc => 3
MSCONFIG\Services: Wondershare InstallAssist => 2
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "Emsisoft Anti-Malware"
HKLM\...\StartupApproved\Run: => "NoPing"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software"
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\StartupApproved\Run: => "Nox_1"
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\StartupApproved\Run: => "Nox"
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-695568149-3922645088-835819184-1001\...\StartupApproved\Run: => "com.blitz.app"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{26CF4E25-EC84-4B76-9777-664ED6D5DC65}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2E3B5968-4386-446A-8D5D-D7B136983052}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6754C71F-826B-470C-BF45-7721FA99AD6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA038EBD-34F2-4E7F-9B50-4FE89D76C10A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{959FECB1-E298-4F08-8598-7B495B7E9D28}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1B8B4A2D-DE66-4C7D-9F81-A828AA741198}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2E19D358-3EF6-4C02-9300-61462FDF80DC}] => (Allow) C:\Users\SANTI\Desktop\911\Client.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{21800FC0-62D2-40EA-A798-5AE7E7072D79}] => (Allow) C:\Users\SANTI\Desktop\911\forward.exe (International Media Ltd ->  International Media Ltd)
FirewallRules: [{4DB5E6CC-B19D-46AD-9C49-0FB2256B7A39}] => (Allow) C:\Users\SANTI\Desktop\911\Lineupd.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{9D3203B3-5606-4427-A42E-21F7B6CC977A}] => (Allow) C:\Users\SANTI\Desktop\911\newforward.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{764D6170-70E4-4E29-8133-41104F53C048}] => (Allow) C:\Users\SANTI\Desktop\911\newsocket.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{B14D8EEA-B387-4496-A319-F96E7F2D319D}] => (Allow) C:\Users\SANTI\Desktop\911\socket.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{B6DE7E31-AA3A-4795-BBC2-4F50A88D31D1}] => (Allow) C:\Users\SANTI\Desktop\911\ProxyTool\ProxyAPI.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{E82089CE-9264-4A19-8541-747AA8100C1E}] => (Allow) C:\Users\SANTI\Desktop\911\ProxyTool\Monitor.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [TCP Query User{02F0AEBB-0FD1-4B9E-8033-EA3A146C6C84}C:\users\santi\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\santi\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [UDP Query User{A54A2B13-CD80-4E43-8910-DD7BC6AEC412}C:\users\santi\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\santi\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [TCP Query User{41613EFA-7B28-4E4E-B004-FC2683F13A9D}C:\users\santi\appdata\local\programs\elapp\elapp.exe] => (Allow) C:\users\santi\appdata\local\programs\elapp\elapp.exe (Criptext Inc -> Criptext Inc)
FirewallRules: [UDP Query User{7933940F-EAEF-4119-90E1-DB5B35373529}C:\users\santi\appdata\local\programs\elapp\elapp.exe] => (Allow) C:\users\santi\appdata\local\programs\elapp\elapp.exe (Criptext Inc -> Criptext Inc)
FirewallRules: [{F1FCD8E9-06F4-4949-9FEC-DF5E5B700E36}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{82C77378-678F-4687-8FF6-7228E6AD722C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8B6616A5-529C-4E62-BE92-701C7F6C82EF}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6F39F478-9437-409D-9EAA-E8A02CBA0CE0}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{CF570C5F-9878-4FC4-BBC7-B754792CFCA6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EEA7245C-5052-42EA-84A4-562D4C7C16E3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{70AD2497-18B5-4AAF-A3E9-175B9AC38342}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D0F329C8-7136-4CD9-895A-D1E9033B946A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{790D2A50-D4C4-429C-8EF1-208EC662E527}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> )
FirewallRules: [{39970B7D-BEF0-4E60-8760-6AD9D7A2C1E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> )
FirewallRules: [TCP Query User{16E7A57E-8BF0-4877-863A-8FCFAE281301}C:\users\santi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\santi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{770CAED4-29C4-4180-A343-DFFF987945B5}C:\users\santi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\santi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{736006A6-8397-4C00-A181-92DCFDAF4731}C:\users\santi\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\santi\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{EC7BBAA5-6099-4325-8008-DD84A7DB0575}C:\users\santi\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\santi\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{420CA219-CD3B-4F83-819E-1CC325E349AF}C:\users\santi\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\santi\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{927E8B0D-3292-49F8-9C6A-FD8FE56AE06E}C:\users\santi\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\santi\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{05D9BF9D-636F-4488-93A5-51FF42708950}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{15BE1406-5C74-4CE2-8C1B-16C1833A9848}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{0C3E64C7-9DA4-40B1-B4CE-F1BD4C439EDD}] => (Allow) C:\Program Files\Kill Ping\Kill Ping.exe (GZ Systems Limited -> )
FirewallRules: [{DC6A03D6-88AC-4090-8846-14B31A3F9155}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe (SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA -> )
FirewallRules: [{458893C9-5B66-46CC-B2AE-074738165CF2}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe (SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA -> )
FirewallRules: [TCP Query User{9B0D8505-F993-4ACA-A84A-2CE3F9B96450}C:\users\santi\downloads\it.takes.two-codex\codex\nuts\binaries\win64\ittakestwo.exe] => (Block) C:\users\santi\downloads\it.takes.two-codex\codex\nuts\binaries\win64\ittakestwo.exe (Hazelight Studios) [Archivo no firmado]
FirewallRules: [UDP Query User{88A62D12-0EE5-45E4-A0D2-C4BCF73B8102}C:\users\santi\downloads\it.takes.two-codex\codex\nuts\binaries\win64\ittakestwo.exe] => (Block) C:\users\santi\downloads\it.takes.two-codex\codex\nuts\binaries\win64\ittakestwo.exe (Hazelight Studios) [Archivo no firmado]
FirewallRules: [TCP Query User{BB7FF6B8-2729-4ACE-BA96-1A0C4FB3D2E2}C:\it takes two\nuts\binaries\win64\ittakestwo.exe] => (Allow) C:\it takes two\nuts\binaries\win64\ittakestwo.exe (Hazelight Studios) [Archivo no firmado]
FirewallRules: [UDP Query User{E839B8E3-9A92-4351-99D1-B3F3CCF2A2B0}C:\it takes two\nuts\binaries\win64\ittakestwo.exe] => (Allow) C:\it takes two\nuts\binaries\win64\ittakestwo.exe (Hazelight Studios) [Archivo no firmado]
FirewallRules: [{822C02A6-A904-4283-84CB-B6E16C72F006}] => (Allow) C:\Program Files\NoPing\NoPing.exe (1ncrivel Sistemas LTDA -> )
FirewallRules: [{EC733036-224B-40D0-946A-00E924FB39B2}] => (Allow) C:\Program Files\NoPing\QtWinExtras\service.notification.updater.exe (1ncrivel Sistemas LTDA -> )
FirewallRules: [{B8AE191A-21F4-47D1-9DA3-B6A8C50CF41E}] => (Allow) C:\Program Files\NoPing\service.routing.wind.exe (1ncrivel Sistemas LTDA -> )
FirewallRules: [{B4BEB8B3-8CF8-4FC1-BEB7-43AA0371A6D7}] => (Allow) C:\Program Files\NoPing\service.routing.exe (1ncrivel Sistemas LTDA -> )
FirewallRules: [{85DC665E-44A1-4E4E-8EEF-DFF3149B7D04}] => (Allow) C:\Program Files\NoPing\NoPingUpdater.exe (1ncrivel Sistemas LTDA -> )
FirewallRules: [TCP Query User{337D9B3C-13FC-4396-B8F2-0B3E6937B870}C:\users\santi\desktop\flashpoint 9.0 infinity\legacy\httpd.exe] => (Allow) C:\users\santi\desktop\flashpoint 9.0 infinity\legacy\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [UDP Query User{F872D041-2FC8-4FCC-969E-E488FC860C1F}C:\users\santi\desktop\flashpoint 9.0 infinity\legacy\httpd.exe] => (Allow) C:\users\santi\desktop\flashpoint 9.0 infinity\legacy\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [TCP Query User{271D115E-E3BB-450C-B2DF-B2A1D5883355}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{B7DE4EE4-379A-40FE-849C-576B2536FBF8}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{BA976F96-041D-4CE4-A00B-5988999AA523}] => (Block) c:\Program Files\Corel\CorelDRAW Technical Suite 2020\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{BF677EC9-EDDF-4AF8-B8DF-462942AE1866}] => (Block) c:\Program Files\Corel\CorelDRAW Technical Suite 2020\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{ECD0630A-CC17-4D71-BE31-64592586C938}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{3AC2E431-C9A2-41EC-8AA1-68DE0855F1B7}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{1D380F9B-35E1-46E4-894E-EF09687B7CD2}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{A56CDB62-5712-4D96-BF99-4004B80144CE}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{A121F8C3-7505-4977-878B-86F692499755}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{043656A8-4807-4233-945F-9CA6B33DF792}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{AFEA4172-7595-4561-BE86-06BF63F9D11B}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{087E61E3-8ED9-41A7-AF81-29AE53775556}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{941437F7-F3CD-411E-B301-07B0A5F04CCA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{265D3FE8-8195-4A4E-BC49-92A0FD54908E}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{493C1670-4B24-42C4-AD8A-371A8AF48CBA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{C0200D2D-1955-4032-B2EC-2FB2497D656B}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{B96A3AC6-3F07-4E77-8752-53A3D916F768}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{25E0B546-889C-46B7-988F-18404FF315A1}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [{5289BABE-4093-4064-8DD6-D5565941B796}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Archivo no firmado]
FirewallRules: [{87E3D399-393C-4AA4-8ECD-8FB419A63BE4}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Archivo no firmado]
FirewallRules: [{8FBC102F-A00A-482B-8770-112C7C9FFC61}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\install.exe () [Archivo no firmado]
FirewallRules: [{1F856152-E995-425E-AFDE-F548A2ED0044}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\install.exe () [Archivo no firmado]
FirewallRules: [{CA7C8F4E-C985-47B2-84C1-1D40F2537B7E}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\launch.exe () [Archivo no firmado]
FirewallRules: [{5B540234-AFAC-4ECE-9B29-334DEAC82F9F}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\launch.exe () [Archivo no firmado]
FirewallRules: [{85F2E800-266E-43C2-9A9F-F0AB3C945E9F}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\UnityCrashHandler64.exe (Unity Technologies ApS -> )
FirewallRules: [{67548AF8-BC6C-437E-AA0A-D6F4943D3D76}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\UnityCrashHandler64.exe (Unity Technologies ApS -> )
FirewallRules: [{674461E0-489E-4527-841B-C586EAEE962C}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\VRChat.exe () [Archivo no firmado]
FirewallRules: [{F1FF8CB0-D278-4925-9E40-92FC1B3B5C5E}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\VRChat.exe () [Archivo no firmado]
FirewallRules: [{B3CF23FB-4030-426A-BDAD-C5B6E7A5032D}] => (Allow) C:\Program Files\Oculus\Software\Software\bigscreen-bigscreen\Bigscreen.exe () [Archivo no firmado]
FirewallRules: [{C4B9074E-319B-45CA-808A-FF950706658A}] => (Allow) C:\Program Files\Oculus\Software\Software\bigscreen-bigscreen\Bigscreen.exe () [Archivo no firmado]
FirewallRules: [{3924C552-E7E9-4D78-953E-DAA80C05ED70}] => (Allow) C:\Program Files\Oculus\Software\Software\bigscreen-bigscreen\UnityCrashHandler64.exe (Unity Technologies Aps -> )
FirewallRules: [{6FEE51A1-C162-44ED-824B-C27F501604B5}] => (Allow) C:\Program Files\Oculus\Software\Software\bigscreen-bigscreen\UnityCrashHandler64.exe (Unity Technologies Aps -> )
FirewallRules: [{CDC97DD6-E29D-4F75-A2A6-A00D1BDD57DF}] => (Allow) C:\Program Files\Oculus\Software\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\bsdevcon.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [{114D2203-D42C-4BEB-8577-D3AB66366913}] => (Allow) C:\Program Files\Oculus\Software\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\bsdevcon.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [{15F9B0FC-B778-4F43-8F74-20670EA58244}] => (Allow) C:\Program Files\Oculus\Software\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToBigscreen.exe () [Archivo no firmado]
FirewallRules: [{6B6633AB-B9D2-4E81-BEBA-EA170A8757CB}] => (Allow) C:\Program Files\Oculus\Software\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToBigscreen.exe () [Archivo no firmado]
FirewallRules: [{D561015C-FCC2-4819-9719-16FE14119B24}] => (Allow) C:\Program Files\Oculus\Software\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToDefaults.exe () [Archivo no firmado]
FirewallRules: [{3D84E2A8-5438-4D6A-BD1D-1C2E4BAC815F}] => (Allow) C:\Program Files\Oculus\Software\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToDefaults.exe () [Archivo no firmado]
FirewallRules: [{FC12CA42-BF1E-4017-9E57-1349FDC3510F}] => (Allow) C:\\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{26858BC9-6D75-4550-8070-8233B3282879}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> Nox Limited Corporation)
FirewallRules: [{640784A0-8A75-41CA-8F99-CEB983EB8D32}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{0250D30B-A959-4DC2-A305-61D172990C81}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{59B84B84-7AA0-4503-BAC2-41E9552BAB1D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{E73E7EA5-0890-4F58-9F39-34C01B864B6F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{11402192-D7C5-486A-B79A-F5DBC49646B5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FDAD0CA5-EFF5-408A-93A6-C179ACF21803}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD29717E-36D9-407F-B57A-BFCAC0AAF66C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{16537F81-7770-4122-9255-B2F178ADBB9E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{174674A1-BEB5-4BA7-9C91-60BDFDE5CA52}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{34C499D4-FC21-4733-AA7A-21765A8E36D9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{13B5B011-920A-4A87-B50F-07FBE8648FDE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5AB586D6-14C1-42F8-98C1-CDC0E5F86C88}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{36CD3E51-F48A-49A2-B7A2-F8B9374BBB58}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [TCP Query User{A3BB989F-B79B-4D96-86BA-D37DABEA3847}D:1\haloinfinite.exe] => (Allow) D:1\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{85AE9767-1D13-4552-8903-F0B89E79C182}D:1\haloinfinite.exe] => (Allow) D:1\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{B6A8082F-0C82-473D-A003-B433C53933E3}D:2\haloinfinite.exe] => (Allow) D:2\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{A6BCCE37-2626-49E1-B894-BE936AE13846}D:2\haloinfinite.exe] => (Allow) D:2\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{FA60F191-AF7B-4196-B9ED-7683A1A18D99}D:3\haloinfinite.exe] => (Allow) D:3\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{A021385D-0B69-4053-A974-C5A533320C11}D:3\haloinfinite.exe] => (Allow) D:3\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{192736C5-2FE6-49FD-A27B-085A9C197AEE}D:5\haloinfinite.exe] => (Allow) D:5\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{FCA06035-C03F-48F4-AF42-0A9A3FBB1475}D:5\haloinfinite.exe] => (Allow) D:5\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{B07B782A-712E-4B24-AAC6-BFA7F1980329}D:7\haloinfinite.exe] => (Allow) D:7\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{B1B37663-C42B-4852-90FA-28AD3FECF69F}D:7\haloinfinite.exe] => (Allow) D:7\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{0ED0879E-516A-4904-AB92-3976A3A2B1C3}D:0\haloinfinite.exe] => (Allow) D:0\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{3221444E-EC9F-409E-A6AF-7A218D656746}D:0\haloinfinite.exe] => (Allow) D:0\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{EF1ADACF-340E-4992-BD9A-DA4EC48DB521}E:2\haloinfinite.exe] => (Allow) E:2\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{B50DA218-E790-416D-8023-364F38861AE3}E:2\haloinfinite.exe] => (Allow) E:2\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{09EAAFB1-8C1C-496F-BA07-B17928B8C694}E:3\haloinfinite.exe] => (Allow) E:3\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{D9F63FCA-766F-4991-B00E-EB57B8471299}E:3\haloinfinite.exe] => (Allow) E:3\haloinfinite.exe => Ningún archivo

FirewallRules: [TCP Query User{FAEBCE84-8C64-4E37-AB47-96ADED157FE5}E:4\haloinfinite.exe] => (Allow) E:4\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{DDEA4A4B-2E2E-40F5-806A-F17D087126F2}E:4\haloinfinite.exe] => (Allow) E:4\haloinfinite.exe => Ningún archivo
FirewallRules: [{44233551-D7D8-4CCA-AFA3-694F26EB6459}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{970ED98C-4468-44EC-BD25-70663D63129F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{48120EEC-4ABE-4527-8E3B-0E8BF1341460}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E7247E3E-0F3E-4143-B9A6-5820488C57EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2DA7381F-DD0A-42A7-8A6F-19C175AAB090}E:6\haloinfinite.exe] => (Allow) E:6\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{8E75A85C-CE86-4BE7-ADD8-F46A596B56E0}E:6\haloinfinite.exe] => (Allow) E:6\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{5CBC66ED-999E-4AA2-8F1D-7030211CC0DE}E:9\haloinfinite.exe] => (Allow) E:9\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{09BDA5E8-7C93-4070-BE6E-B54700C6E983}E:9\haloinfinite.exe] => (Allow) E:9\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{8B3E23D8-583B-4D0A-ACA6-8CD99CB5464A}C:\users\santi\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\santi\appdata\roaming\twitch studio\bin\twitchstudioagent.exe (Twitch Interactive, Inc. -> )
FirewallRules: [UDP Query User{220B570C-FC7C-4094-AEAF-FD5E17B54714}C:\users\santi\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\santi\appdata\roaming\twitch studio\bin\twitchstudioagent.exe (Twitch Interactive, Inc. -> )
FirewallRules: [{9D447331-1453-4D56-833E-C754F21EF709}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{0E456ED3-A54F-4F98-8EBF-01DEF62F3332}D:4\haloinfinite.exe] => (Allow) D:4\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{9415F823-FB0C-4FD5-BF81-E5D719F9D899}D:4\haloinfinite.exe] => (Allow) D:4\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{22A6E996-3E92-422D-95C8-1BFAAE1F46E4}E:0\haloinfinite.exe] => (Allow) E:0\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{102F1DCA-104B-428F-AEE4-F4D2D2FA4E9D}E:0\haloinfinite.exe] => (Allow) E:0\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{136218EA-B3A4-4AB6-A130-107FC6C02BB4}E:1\haloinfinite.exe] => (Allow) E:1\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{19F52B81-C2E0-4A41-BA10-43A4E715AB1B}E:1\haloinfinite.exe] => (Allow) E:1\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{0D46E6A9-089F-4DB3-9DAF-2B987E8A00FF}C:\program files\oculus\software\software\mirowin-guns-n-stories-preface-vr\omt\binaries\win64\omt-win64-shipping.exe] => (Allow) C:\program files\oculus\software\software\mirowin-guns-n-stories-preface-vr\omt\binaries\win64\omt-win64-shipping.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{DA106D85-C4FE-4AB6-B210-4673EB2A3785}C:\program files\oculus\software\software\mirowin-guns-n-stories-preface-vr\omt\binaries\win64\omt-win64-shipping.exe] => (Allow) C:\program files\oculus\software\software\mirowin-guns-n-stories-preface-vr\omt\binaries\win64\omt-win64-shipping.exe (Epic Games, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{C3AF0E63-2573-4470-8C0C-582D4483DF3E}D:9\haloinfinite.exe] => (Allow) D:9\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{78EC2BA6-CCD7-489A-9B72-8E9848939B64}D:9\haloinfinite.exe] => (Allow) D:9\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{7443E024-9E5E-40D8-9611-9E393AE7D234}E:7\haloinfinite.exe] => (Allow) E:7\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{0AC3E984-4EAA-44D8-B2C7-76AED88804A5}E:7\haloinfinite.exe] => (Allow) E:7\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{B90C1B01-67FB-47BD-9CFB-96119791D98E}E:8\haloinfinite.exe] => (Allow) E:8\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{2FC97A38-63EA-4833-BD08-1FAE3C026BCC}E:8\haloinfinite.exe] => (Allow) E:8\haloinfinite.exe => Ningún archivo
FirewallRules: [{2AB8D0AC-188E-4CA3-BFFB-96D110DFA926}] => (Allow) C:\Users\SANTI\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{D37E5DB2-D665-497A-BD27-6CF51A748B91}F:3\haloinfinite.exe] => (Allow) F:3\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{E8B2F296-7DF8-49F4-B670-AC04635ED4D3}F:3\haloinfinite.exe] => (Allow) F:3\haloinfinite.exe => Ningún archivo
FirewallRules: [{A1FBA364-A196-4E26-91E1-64617067C422}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{298762AE-48A7-486B-B049-474812E3BE3D}F:6\haloinfinite.exe] => (Allow) F:6\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{42CEB950-2E91-4E19-B961-07052DD788B0}F:6\haloinfinite.exe] => (Allow) F:6\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{21DF8B78-7177-42A9-8CDB-9FAB7634778A}F:7\haloinfinite.exe] => (Allow) F:7\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{32833734-CC11-4ABB-906F-F82AD41C9818}F:7\haloinfinite.exe] => (Allow) F:7\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{8ED50E0D-B68E-4476-A6A2-CC32488B65E3}F:9\haloinfinite.exe] => (Allow) F:9\haloinfinite.exe => Ningún archivo
FirewallRules: [UDP Query User{59C863C4-6438-4D04-A1ED-BAE9888E124C}F:9\haloinfinite.exe] => (Allow) F:9\haloinfinite.exe => Ningún archivo
FirewallRules: [TCP Query User{C5D4A147-7707-4BD3-AAEE-57D026ED8E4B}C:\users\santi\desktop\openbullet2\openbullet2.exe] => (Allow) C:\users\santi\desktop\openbullet2\openbullet2.exe (OpenBullet2) [Archivo no firmado]
FirewallRules: [UDP Query User{9F273F30-539C-40C3-A6F2-B77070BEC47C}C:\users\santi\desktop\openbullet2\openbullet2.exe] => (Allow) C:\users\santi\desktop\openbullet2\openbullet2.exe (OpenBullet2) [Archivo no firmado]
FirewallRules: [TCP Query User{7D4D7D8F-D4F0-4502-A135-870F800B185C}C:\program files\dotnet\dotnet.exe] => (Allow) C:\program files\dotnet\dotnet.exe (.NET -> Microsoft Corporation)
FirewallRules: [UDP Query User{A799D161-A50B-4F81-A149-CAE70B22B6CB}C:\program files\dotnet\dotnet.exe] => (Allow) C:\program files\dotnet\dotnet.exe (.NET -> Microsoft Corporation)
FirewallRules: [{6191213F-54AB-4851-9E26-FF3C10DB1FC9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{2719FF61-021F-40AE-B5EB-19DE5FA9FD85}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{40B233E7-7B27-4512-BE6F-F7ACDE2FEED0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{043B3126-8B2F-4458-BBB2-F5A51185950D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{324D75B8-7770-455E-9260-4D0AD2AA0100}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{CEAC7096-7103-470E-81A3-92B97FAD0873}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{F72D4B77-2C4A-460E-A7E6-34A126B21806}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{16E127E8-70A8-457F-9216-968B56C4F063}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{20D0C8CB-0178-49B6-A219-D083284C5861}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/25/2022 01:05:38 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; descripción = Punto de control programado; error = 0x80070422).

Error: (01/25/2022 01:02:18 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en (F:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)

Error: (01/25/2022 12:51:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en (E:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)

Error: (01/25/2022 12:48:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en Reservado para el sistema (D:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)

Error: (01/24/2022 10:15:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary MsQuic.

System Error:
Error del cargador de recursos al buscar un archivo MUI.
.

Error: (01/24/2022 10:15:07 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: La copia de seguridad no se completó correctamente. El error es: No hay espacio suficiente en esta unidad para guardar la copia de seguridad. Para liberar espacio, elimina copias de seguridad antiguas y datos innecesarios o cambia tu configuración de copia de seguridad. (0x81000005).

Error: (01/24/2022 09:54:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary MsQuic.

System Error:
Error del cargador de recursos al buscar un archivo MUI.
.

Error: (01/24/2022 09:54:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary MsQuic.

System Error:
Error del cargador de recursos al buscar un archivo MUI.
.


Errores del sistema:
=============
Error: (01/25/2022 05:17:43 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Error irrecuperable al crear una credencial TLS client. El estado de error interno es 10013.

Error: (01/25/2022 01:02:16 AM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

Error: (01/25/2022 01:02:13 AM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

Error: (01/25/2022 01:02:06 AM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

Error: (01/25/2022 01:02:03 AM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

Error: (01/25/2022 12:53:18 AM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

Error: (01/25/2022 12:51:05 AM) (Source: disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk1\DR1, tiene un bloque defectuoso.

Error: (01/22/2022 08:04:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H90MM26)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
================
Date: 2022-01-22 05:43:20
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:PDF/Fraud!rfn&threatid=2147727426&enterprise=0
Nombre: Trojan:PDF/Fraud!rfn
Id.: 2147727426
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (1).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (2).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (3).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (4).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (5).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NO
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-H90MM26\SANTI
Nombre de proceso: C:\Users\SANTI\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Versión de inteligencia de seguridad: AV: 1.355.2281.0, AS: 1.355.2281.0, NIS: 1.355.2281.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-22 05:43:20
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:PDF/Fraud!rfn&threatid=2147727426&enterprise=0
Nombre: Trojan:PDF/Fraud!rfn
Id.: 2147727426
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (1).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (2).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (3).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (4).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (5).pdf
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-H90MM26\SANTI
Nombre de proceso: C:\Users\SANTI\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Versión de inteligencia de seguridad: AV: 1.355.2281.0, AS: 1.355.2281.0, NIS: 1.355.2281.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-22 05:43:20
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:PDF/Fraud!rfn&threatid=2147727426&enterprise=0
Nombre: Trojan:PDF/Fraud!rfn
Id.: 2147727426
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (1).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (2).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (3).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (4).pdf
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-H90MM26\SANTI
Nombre de proceso: C:\Users\SANTI\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Versión de inteligencia de seguridad: AV: 1.355.2281.0, AS: 1.355.2281.0, NIS: 1.355.2281.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-22 05:43:20
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:PDF/Fraud!rfn&threatid=2147727426&enterprise=0
Nombre: Trojan:PDF/Fraud!rfn
Id.: 2147727426
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (1).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (2).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (3).pdf
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-H90MM26\SANTI
Nombre de proceso: C:\Users\SANTI\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Versión de inteligencia de seguridad: AV: 1.355.2281.0, AS: 1.355.2281.0, NIS: 1.355.2281.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-22 05:43:20
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:PDF/Fraud!rfn&threatid=2147727426&enterprise=0
Nombre: Trojan:PDF/Fraud!rfn
Id.: 2147727426
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (1).pdf; file:_E:\Users\Kevin\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\a522dba3997d33ba\120712-0049\Att\2002d45f\NOV-WIN (2).pdf
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-H90MM26\SANTI
Nombre de proceso: C:\Users\SANTI\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Versión de inteligencia de seguridad: AV: 1.355.2281.0, AS: 1.355.2281.0, NIS: 1.355.2281.0
Versión de motor: AM: 1.1.18800.4, NIS: 1.1.18800.4

CodeIntegrity:
===============
Date: 2022-01-25 05:56:23
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume8\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F21 05/21/2021
Placa base: Gigabyte Technology Co., Ltd. Z490 AORUS ELITE AC
Procesador: 11th Gen Intel(R) Core(TM) i9-11900KF @ 3.50GHz
Porcentaje de memoria en uso: 36%
RAM física total: 16273.74 MB
RAM física disponible: 10268.45 MB
Virtual total: 30609.74 MB
Virtual disponible: 20858.39 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:930.77 GB) (Free:359.49 GB) NTFS
Drive d: (Reservado para el sistema) (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive e: () (Fixed) (Total:331.59 GB) (Free:0.03 GB) NTFS
Drive f: () (Fixed) (Total:599.14 GB) (Free:118.4 GB) NTFS

\\?\Volume{6d3ba4e6-0da1-11ec-a1de-f44d30f94a25}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{ee4346ec-1888-fca4-9c48-2755fc7560b8}\ () (Fixed) (Total:61.4 GB) (Free:0 GB) NTFS
\\?\Volume{1ee94b7f-0000-0000-0000-d0fb52000000}\ () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
\\?\Volume{e9515cb5-1131-4139-8b01-b84c8f0e8b69}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 37F1A2E2)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1EE94B7F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=331.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=599.1 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

==================== Final de Addition.txt =======================

Eso es todo, muchas gracias !!

Hola que tal

Reconoces estos archivos?

• C:\Users\SANTI\Downloads\rivg9g5s.exe
• C:\Users\SANTI\Downloads\9umb0n0i.exe
• C:\Users\SANTI\Downloads\rivg9g5s.exe
• C:\Users\SANTI\Downloads\instance-2-rdp.rdp
• C:\Users\SANTI\Downloads\watcgin-rdp-chk.rdp

Estas usando McAfee?

Los tres primeros son los .exe de DR WEB Y los otros dos si, son dos accesos directos de conexion a escritorio remoto.

McAfee no, estaba usando Malwarebytes